public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

apply security patch: v11.2.x/182-202409301509.patch

Browse Source 
commit a5445cf0c8e05c807cc2c77eac9fd1cc06cf83aa
Author: Scott Lepper <scott.lepper@gmail.com>
Date:   Mon Sep 30 11:08:17 2024 -0400

    disable sql expressions
This commit is contained in:
github-actions[bot]
2024-10-02 15:55:34 +00:00
committed by joshhunt
parent 086b47f098
commit 8ab94e1553
3 changed files with 28 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/expr/sql/db.go
+26
View File
@@ -0,0 +1,26 @@
package sql
import (
"errors"
"github.com/grafana/grafana-plugin-sdk-go/data"
)
type DB struct {
}
func (db *DB) TablesList(rawSQL string) ([]string, error) {
return nil, errors.New("not implemented")
}
func (db *DB) RunCommands(commands []string) (string, error) {
return "", errors.New("not implemented")
}
func (db *DB) QueryFramesInto(name string, query string, frames []*data.Frame, f *data.Frame) error {
return errors.New("not implemented")
}
func NewInMemoryDB() *DB {
return &DB{}
}
pkg/expr/sql/parser.go
+1 -2
View File
@@ -8,7 +8,6 @@ import (
"github.com/grafana/grafana/pkg/infra/log"
"github.com/jeremywohl/flatten"
"github.com/scottlepp/go-duck/duck"
)
const (
@@ -21,7 +20,7 @@ var logger = log.New("sql_expr")
// TablesList returns a list of tables for the sql statement
func TablesList(rawSQL string) ([]string, error) {
duckDB := duck.NewInMemoryDB()
duckDB := NewInMemoryDB()
rawSQL = strings.Replace(rawSQL, "'", "''", -1)
cmd := fmt.Sprintf("SELECT json_serialize_sql('%s')", rawSQL)
ret, err := duckDB.RunCommands([]string{cmd})