Class: Dbviewer::Security::SqlParser

Inherits:

Object

• Object
• Dbviewer::Security::SqlParser

Defined in:

lib/dbviewer/security/sql_parser.rb

Overview

SQL parser for extracting table names from SQL queries Handles complex SQL including CTEs, subqueries, joins, and DML operations

Class Method Summary

• .extract_table_names(sql) ⇒ Array<String>

  Parse SQL query and extract all table names.

Instance Method Summary

• #extract_table_names(sql) ⇒ Array<String>

  Parse SQL query and extract all table names.

Class Method Details

.extract_table_names(sql) ⇒ Array<String>

Parse SQL query and extract all table names

Parameters:

• sql (String) —

  The SQL query to parse

Returns:

• (Array<String>) —

  List of table names found in the query

# File 'lib/dbviewer/security/sql_parser.rb', line 11

def self.extract_table_names(sql)
  new.extract_table_names(sql)
end

Instance Method Details

#extract_table_names(sql) ⇒ Array<String>

Parse SQL query and extract all table names

Parameters:

• sql (String) —

  The SQL query to parse

Returns:

• (Array<String>) —

  List of table names found in the query

# File 'lib/dbviewer/security/sql_parser.rb', line 18

def extract_table_names(sql)
  return [] if sql.nil? || sql.strip.empty?

  # Remove comments and normalize whitespace
  cleaned_sql = clean_sql(sql)

  # Use a more sophisticated approach to handle complex queries
  table_names = Set.new

  # Split by semicolons to handle multiple statements
  statements = cleaned_sql.split(";").map(&:strip).reject(&:empty?)

  statements.each do |statement|
    table_names.merge(extract_tables_from_statement(statement))
  end

  table_names.to_a.compact
end