Class: MagicQuery::Query::Validator

Inherits:

Object

• Object
• MagicQuery::Query::Validator

Defined in:

lib/magic_query/query/validator.rb

Class Method Summary

• .valid?(sql) ⇒ Boolean
• .validate(sql) ⇒ Object

Instance Method Summary

• #check_dangerous_keywords ⇒ Object
• #initialize(sql) ⇒ Validator constructor

  A new instance of Validator.

• #valid? ⇒ Boolean
• #validate ⇒ Object

Constructor Details

#initialize(sql) ⇒ Validator

Returns a new instance of Validator.

# File 'lib/magic_query/query/validator.rb', line 14

def initialize(sql)
  @sql = sql.to_s.strip
end

Class Method Details

.valid?(sql) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/magic_query/query/validator.rb', line 10

def self.valid?(sql)
  new(sql).valid?
end

.validate(sql) ⇒ Object

# File 'lib/magic_query/query/validator.rb', line 6

def self.validate(sql)
  new(sql).validate
end

Instance Method Details

#check_dangerous_keywords ⇒ Object

# File 'lib/magic_query/query/validator.rb', line 32

def check_dangerous_keywords
  errors = []
  dangerous_keywords = %w[DROP DELETE UPDATE INSERT ALTER CREATE TRUNCATE]
  dangerous_keywords.each do |keyword|
    errors << "Query contains dangerous keyword: #{keyword}" if @sql.match?(/\b#{keyword}\b/i)
  end
  errors
end

#valid? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/magic_query/query/validator.rb', line 41

def valid?
  validate.empty?
end

#validate ⇒ Object

# File 'lib/magic_query/query/validator.rb', line 18

def validate
  errors = []

  if @sql.empty?
    errors << 'SQL query is empty'
    return errors
  end

  errors << 'Query must start with SELECT' unless @sql.match?(/^\s*SELECT/i)
  errors.concat(check_dangerous_keywords)

  errors
end