Adds tests for disallowing ddl commands on h2 (#25523)

- also for ignoring INIT=... on the conn string

test/metabase/driver/h2_test.clj

@@ -11,6 +11,7 @@
             [metabase.query-processor :as qp]
             [metabase.test :as mt]
             [metabase.test.util :as tu]
+            [metabase.util :as u]
             [metabase.util.honeysql-extensions :as hx]))
 
 (deftest parse-connection-string-test
@@ -30,7 +31,11 @@
 
   (testing "Check that we override shady connection string options set by shady admins with safe ones"
     (is (= "file:my-file;LOOK_I_INCLUDED_AN_EXTRA_SEMICOLON=NICE_TRY;IFEXISTS=TRUE;ACCESS_MODE_DATA=r"
-           (#'h2/connection-string-set-safe-options "file:my-file;;LOOK_I_INCLUDED_AN_EXTRA_SEMICOLON=NICE_TRY;IFEXISTS=FALSE;ACCESS_MODE_DATA=rws")))))
+           (#'h2/connection-string-set-safe-options "file:my-file;;LOOK_I_INCLUDED_AN_EXTRA_SEMICOLON=NICE_TRY;IFEXISTS=FALSE;ACCESS_MODE_DATA=rws"))))
+
+  (testing "Check that we override the INIT connection string option"
+    (is (= "file:my-file;IFEXISTS=TRUE;ACCESS_MODE_DATA=r"
+           (#'h2/connection-string-set-safe-options "file:my-file;INIT=ANYTHING_HERE_WILL_BE_IGNORED")))))
 
 (deftest db-details->user-test
   (testing "make sure we return the USER from db details if it is a keyword key in details..."
@@ -150,3 +155,38 @@
                       "GROUP BY ATTEMPTS.DATE "
                       "ORDER BY ATTEMPTS.DATE ASC")
                  (some-> (qp/compile query) :query pretty-sql))))))))
+
+(deftest classify-ddl-test
+  (mt/test-driver :h2
+    (is (= [org.h2.command.dml.Select]
+           (mapv type (#'h2/parse (u/the-id (mt/db)) "select 1"))))
+    (is (= [org.h2.command.dml.Update]
+           (mapv type (#'h2/parse (u/the-id (mt/db)) "update venues set name = 'bill'"))))
+    (is (= [org.h2.command.dml.Delete]
+           (mapv type (#'h2/parse (u/the-id (mt/db)) "delete venues"))))
+    (is (= [org.h2.command.dml.Select
+            org.h2.command.dml.Update
+            org.h2.command.dml.Delete]
+           (mapv type (#'h2/parse (u/the-id (mt/db))
+                                  (str/join "; "
+                                            ["select 1"
+                                             "update venues set name = 'bill'"
+                                             "delete venues"])))))
+    (is (= nil (#'h2/check-disallow-ddl-commands
+                {:database (u/the-id (mt/db))
+                 :engine :h2
+                 :native {:query (str/join "; "
+                                           ["select 1"
+                                            "update venues set name = 'bill'"
+                                            "delete venues"])}})))
+    (let [trigger-creation-attempt
+          (str/join "\n" ["DROP TRIGGER IF EXISTS MY_SPECIAL_TRIG;"
+                          "CREATE OR REPLACE TRIGGER MY_SPECIAL_TRIG BEFORE SELECT ON INFORMATION_SCHEMA.Users AS '';"
+                          "SELECT * FROM INFORMATION_SCHEMA.Users;"])]
+      (is (thrown?
+           clojure.lang.ExceptionInfo
+           #"DDL commands are not allowed to be used with h2."
+           (#'h2/check-disallow-ddl-commands
+            {:database (u/the-id (mt/db))
+             :engine :h2
+             :native {:query trigger-creation-attempt}}))))))