node-sql-parser - npm Package Compare versions

Comparing version 0.1.3 to 1.0.0

lib/parser.js

@@ -15,18 +15,20 @@ 'use strict'
 
-  whiteListCheck(sql, whiteList) {
+  whiteListCheck(sql, whiteList, type = 'table') {
     if (!whiteList || whiteList.length === 0) return
-    const tableAuthorityList = this.tableList(sql)
+    if (!this[`${type}List`] || typeof this[`${type}List`] !== 'function') throw new Error(`${type} is not valid check mode`)
+    const checkFun = this[`${type}List`].bind(this)
+    const authorityList = checkFun(sql)
     let hasAuthority = true
-    let denyTable = ''
-    for (const tableAuthority of tableAuthorityList) {
-      let hasTableAuthority = false
+    let denyInfo = ''
+    for (const authority of authorityList) {
+      let hasCorrespondingAuthority = false
       for (const whiteAuthority of whiteList) {
         const regex = new RegExp(whiteAuthority, 'i')
-        if (regex.test(tableAuthority)) {
-          hasTableAuthority = true
+        if (regex.test(authority)) {
+          hasCorrespondingAuthority = true
           break
         }
       }
-      if (!hasTableAuthority) {
-        denyTable = tableAuthority
+      if (!hasCorrespondingAuthority) {
+        denyInfo = authority
         hasAuthority = false
@@ -36,3 +38,3 @@ break
     }
-    if (!hasAuthority) throw new Error(`authority = '${denyTable}' is required in whiteList to execute SQL = '${sql}'`)
+    if (!hasAuthority) throw new Error(`authority = '${denyInfo}' is required in ${type} whiteList to execute SQL = '${sql}'`)
   }
@@ -44,4 +46,9 @@
   }
+
+  columnList(sql) {
+    const astInfo = this.parse(sql)
+    return astInfo && astInfo.columnList
+  }
 }
 
 module.exports = Parser

package.json

 {
   "name": "node-sql-parser",
-  "version": "0.1.3",
+  "version": "1.0.0",
   "description": "simple node sql parser",
@@ -11,3 +11,3 @@ "main": "index.js",
     "prepublishOnly": "npm run build",
-    "cover": "npm run lint && istanbul cover ./node_modules/mocha/bin/_mocha --report lcovonly -- -R spec test/*.spec.js"
+    "cover": "npm run lint && istanbul cover ./node_modules/mocha/bin/_mocha -x build/pegjs-parser.js --report lcovonly -- -R spec test/*.spec.js"
   },
@@ -14,0 +14,0 @@ "repository": {

README.md

@@ -1,2 +0,2 @@
-# GanJiang SQL Parser
+# Nodejs SQL Parser
 
@@ -14,3 +14,3 @@ [![Codacy Badge](https://api.codacy.com/project/badge/Grade/dff0b2ee1b964d2d88fe6947c4f5c649)](https://app.codacy.com/app/taozhi8833998/node-sql-parser?utm_source=github.com&utm_medium=referral&utm_content=taozhi8833998/node-sql-parser&utm_campaign=Badge_Grade_Dashboard)
 
-**Parse simple SQL statements into an abstract syntax tree (AST) with the visited tableList and convert it back to SQL.**
+**Parse simple SQL statements into an abstract syntax tree (AST) with the visited tableList, columnList and convert it back to SQL.**
 
@@ -21,4 +21,10 @@ ## :star: Features
   - support select, delete, update and insert type
-  - output the table list that the sql visited with the corresponding authority
+  - output the table and column list that the sql visited with the corresponding authority
 
+## :tada: Install
+
+```bash
+npm install node-sql-parser --save
+```
+
 ## :rocket: Usage
@@ -49,4 +55,21 @@
 
+### Get the SQL visited columns
+
+  - get the column list that the sql visited
+  - the format is **{type}::{tableName}::{columnName}** // type could be select, update, delete or insert
+  - for `select *`, `delete` and `insert into tableName values()` without specified columns, the `.*` column authority regex is required
+
+```javascript
+const { Parser } = require('node-sql-parser');
+const parser = new Parser();
+const columnList = parser.columnList('SELECT t.id FROM t');
+
+console.log(columnList); // ["select::t::id"]
+```
+
 ### Check the SQL with Authority List
 
+- check table authority
+- `whiteListCheck` function check on `table` mode by default
+
 ```javascript
@@ -56,6 +79,16 @@ const { Parser } = require('node-sql-parser');
 const sql = 'UPDATE a SET id = 1 WHERE name IN (SELECT name FROM b)'
-const whiteList = ['(select|update)::(.*)::(a|b)'] // array that contain multiple authorities
-parser.whiteListCheck(sql, whiteList) // if check failed, an error would be thrown with relevant error message, if passed it would return undefined
+const whiteTableList = ['(select|update)::(.*)::(a|b)'] // array that contain multiple authorities
+parser.whiteListCheck(sql, whiteTableList, 'table') // if check failed, an error would be thrown with relevant error message, if passed it would return undefined
 ```
 
+- check column authority
+
+```javascript
+const { Parser } = require('node-sql-parser');
+const parser = new Parser();
+const sql = 'UPDATE a SET id = 1 WHERE name IN (SELECT name FROM b)'
+const whiteColumnList = ['select::null::name', 'update::a::id'] // array that contain multiple authorities
+parser.whiteListCheck(sql, whiteColumnList, 'column') // if check failed, an error would be thrown with relevant error message, if passed it would return undefined
+```
+
 ### Convert AST back to SQL
@@ -62,0 +95,0 @@

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

No v1

Quality

Package is not semver >=1. This means it is not stable and does not support ^ ranges.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

324434

increased by0.65%

Lines of code

11579

increased by0.16%

Number of low quality alerts

0

decreased by-100%

Number of lines in readme file

108

increased by44%

No dependency changes