Skip to content

M
matrix
Commit cb825c03 by 郑冰晶
Options

数据库加密组件

parent 4cf0013f
Showing with 273 additions and 168 deletions
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/filter/SecurityFilter.java
......@@ -5,6 +5,10 @@ import com.alibaba.druid.filter.FilterChain;
import com.alibaba.druid.proxy.jdbc.*;
import com.alibaba.druid.sql.SQLUtils;
import com.alibaba.druid.sql.ast.SQLStatement;
import com.alibaba.druid.sql.ast.statement.SQLSelectStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlDeleteStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlInsertStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlUpdateStatement;
import com.alibaba.druid.util.Utils;
import com.secoo.mall.datasource.security.constant.PropertyProviderType;
import com.secoo.mall.datasource.security.exception.SecurityBizException;
......@@ -278,22 +282,36 @@ public class SecurityFilter extends SecurityFilterEventAdapter {
}
protected void executeBefore(FilterChain chain,StatementProxy statement, String sql) {
String dbName = securityFilterContext.getDbName(chain.getDataSource().getUrl());
Map<String,Map<String,ColumnRule>> tableRuleMap = securityFilterContext.getTableRuleMap(dbName);
if(tableRuleMap == null){
log.debug("过滤非加密db,dbName={},sql={}",dbName, sql);
return;
}
if (!(statement instanceof PreparedStatementProxy)) {
log.debug("过滤statement:{}", sql);
log.debug("过滤非PreparedStatement,dbName={},sql={}",dbName, sql);
return;
}
PreparedStatementProxyImpl preparedStatement = (PreparedStatementProxyImpl) statement;
// 解析sql
String dbName = securityFilterContext.getDbName(chain.getDataSource().getUrl());
List<SQLStatement> stmtList = SQLUtils.parseStatements(sql, chain.getDataSource().getDbType());
for (SQLStatement stmt : stmtList) {
List<Parameter> encryptColumnParameters = new ArrayList<>();
MySqlSecurityParameterVisitor visitor = new MySqlSecurityParameterVisitor(securityFilterContext.getTableRuleMap(dbName),encryptColumnParameters);
if (!(stmt instanceof SQLSelectStatement)
&& !(stmt instanceof MySqlUpdateStatement)
&& !(stmt instanceof MySqlInsertStatement)
&& !(stmt instanceof MySqlDeleteStatement)) {
log.warn("过滤非[insert|delete|update|select]statement,dbName={},sql={}",dbName, sql);
continue;
}
List<Parameter> encryptParameters = new ArrayList<>();
MySqlSecurityParameterVisitor visitor = new MySqlSecurityParameterVisitor(tableRuleMap,encryptParameters);
stmt.accept(visitor);
// 加密
for(Parameter parameter : encryptColumnParameters){
for(Parameter parameter : encryptParameters){
encrypt(parameter.getColumnRule(), preparedStatement, parameter.getJdbcIndex());
}
}
......
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/util/CollectionUtil.java 0 → 100644
package com.secoo.mall.datasource.security.util;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class CollectionUtil {
public static <T> List<T> initAdd(List<T> list, T t){
if(list == null){
list = new ArrayList<>();
}
list.add(t);
return list;
}
public static <T> List<T> initAddAll(List<T> list, List<T> subList){
if(list == null){
list = new ArrayList<>();
}
list.addAll(subList);
return list;
}
public static <K,V> Map<K,V> initAdd(Map<K,V> map, K k, V v){
if(map == null){
map = new HashMap<>();
}
map.put(k,v);
return map;
}
public static <K,V> Map<K,V> initAddAll(Map<K,V> map,Map<K,V> subMap){
if(subMap == null){
subMap = new HashMap<>();
}
map.putAll(subMap);
return map;
}
}
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/Column.java
package com.secoo.mall.datasource.security.visitor;
import com.secoo.mall.datasource.security.rule.ColumnRule;
public class Column {
private String tableName;
private String columnAlias;
private String columnName;
protected String tableName;
protected String ownerName;
protected String columnName;
protected String columnAlias;
protected Integer columnIndex;
protected ColumnRule columnRule;
public Column(String tableName, String columnAlias, String columnName) {
public Column(String tableName, String ownerName, String columnName, String columnAlias,Integer columnIndex,ColumnRule columnRule) {
this.tableName = tableName;
this.columnAlias = columnAlias;
this.ownerName = ownerName;
this.columnName = columnName;
this.columnAlias = columnAlias;
this.columnIndex = columnIndex;
this.columnRule = columnRule;
}
public String getTableName() {
......@@ -19,12 +27,12 @@ public class Column {
this.tableName = tableName;
}
public String getColumnAlias() {
return columnAlias;
public String getOwnerName() {
return ownerName;
}
public void setColumnAlias(String columnAlias) {
this.columnAlias = columnAlias;
public void setOwnerName(String ownerName) {
this.ownerName = ownerName;
}
public String getColumnName() {
......@@ -35,12 +43,58 @@ public class Column {
this.columnName = columnName;
}
public String getColumnAlias() {
return columnAlias;
}
public void setColumnAlias(String columnAlias) {
this.columnAlias = columnAlias;
}
public Integer getColumnIndex() {
return columnIndex;
}
public void setColumnIndex(Integer columnIndex) {
this.columnIndex = columnIndex;
}
public ColumnRule getColumnRule() {
return columnRule;
}
public void setColumnRule(ColumnRule columnRule) {
this.columnRule = columnRule;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!(o instanceof Column)) return false;
Column column = (Column) o;
if (getTableName() != null ? !getTableName().equals(column.getTableName()) : column.getTableName() != null)
return false;
if (getOwnerName() != null ? !getOwnerName().equals(column.getOwnerName()) : column.getOwnerName() != null)
return false;
if (getColumnName() != null ? !getColumnName().equals(column.getColumnName()) : column.getColumnName() != null)
return false;
if (getColumnAlias() != null ? !getColumnAlias().equals(column.getColumnAlias()) : column.getColumnAlias() != null)
return false;
if (getColumnIndex() != null ? !getColumnIndex().equals(column.getColumnIndex()) : column.getColumnIndex() != null)
return false;
return getColumnRule() != null ? getColumnRule().equals(column.getColumnRule()) : column.getColumnRule() == null;
}
@Override
public String toString() {
return "Column{" +
"tableName='" + tableName + '\'' +
", columnAlias='" + columnAlias + '\'' +
", columnName='" + columnName + '\'' +
'}';
public int hashCode() {
int result = getTableName() != null ? getTableName().hashCode() : 0;
result = 31 * result + (getOwnerName() != null ? getOwnerName().hashCode() : 0);
result = 31 * result + (getColumnName() != null ? getColumnName().hashCode() : 0);
result = 31 * result + (getColumnAlias() != null ? getColumnAlias().hashCode() : 0);
result = 31 * result + (getColumnIndex() != null ? getColumnIndex().hashCode() : 0);
result = 31 * result + (getColumnRule() != null ? getColumnRule().hashCode() : 0);
return result;
}
}
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/MySqlSecurityParameterVisitor.java
......@@ -9,8 +9,10 @@ import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlInsertStatement;
import com.alibaba.druid.sql.dialect.mysql.visitor.MySqlSchemaStatVisitor;
import com.alibaba.druid.sql.parser.Token;
import com.secoo.mall.datasource.security.rule.ColumnRule;
import com.secoo.mall.datasource.security.util.CollectionUtil;
import java.util.*;
import java.util.stream.Collectors;
public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
/**
......@@ -20,12 +22,12 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
/**
* 加密列参数
*/
protected List<Parameter> encryptColumnParameters;
protected List<Parameter> encryptParameters;
public MySqlSecurityParameterVisitor(Map<String,Map<String,ColumnRule>> tableRuleMap, List<Parameter> encryptColumnParameters) {
public MySqlSecurityParameterVisitor(Map<String,Map<String,ColumnRule>> tableRuleMap, List<Parameter> encryptParameters) {
super();
this.tableRuleMap = tableRuleMap;
this.encryptColumnParameters = encryptColumnParameters;
this.encryptParameters = encryptParameters;
}
public Map<String, Map<String, ColumnRule>> getTableRuleMap() {
......@@ -36,71 +38,12 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
this.tableRuleMap = tableRuleMap;
}
public List<Parameter> getEncryptColumnParameters() {
return encryptColumnParameters;
public List<Parameter> getEncryptParameters() {
return encryptParameters;
}
public void setEncryptColumnParameters(List<Parameter> encryptColumnParameters) {
this.encryptColumnParameters = encryptColumnParameters;
}
@Override
public boolean visit(SQLVariantRefExpr x) {
if(!Token.QUES.name.equals(x.getName())){
return true;
}
SQLObject parent = x.getParent();
SQLExpr columnExpr = null;
// where
// where - 普通条件
if(parent instanceof SQLBinaryOpExpr){
SQLBinaryOpExpr sqlBinaryOpExpr = (SQLBinaryOpExpr) parent;
if(sqlBinaryOpExpr.getRight() instanceof SQLVariantRefExpr){
columnExpr = sqlBinaryOpExpr.getLeft();
}else{
columnExpr = sqlBinaryOpExpr.getRight();
}
}
// where - between
else if(parent instanceof SQLBetweenExpr){
SQLBetweenExpr sqlBetweenExpr = (SQLBetweenExpr) parent;
columnExpr = sqlBetweenExpr.getTestExpr();
}
// where - in
else if(parent instanceof SQLInListExpr){
SQLInListExpr sqlInListExpr = (SQLInListExpr) parent;
columnExpr = sqlInListExpr.getExpr();
}
// where - 子查询:不处理
else if(parent instanceof SQLInSubQueryExpr){
}
// update - item
else if(parent instanceof SQLUpdateSetItem){
SQLUpdateSetItem sqlUpdateSetItem = (SQLUpdateSetItem) parent;
columnExpr = sqlUpdateSetItem.getColumn();
}
// insert - item 不处理
else if (parent instanceof SQLInsertStatement.ValuesClause){
}
if(columnExpr == null){
return true;
}
Column column = this.getMySqlColumn(columnExpr);
if(column == null){
return true;
}
ColumnRule columnRule = this.getColumnRule(column.getTableName(),column.getColumnName());
if(columnRule == null){
return true;
}
this.encryptColumnParameters.add(new Parameter(column,x.getName(), x.getIndex(),columnRule, null));
return true;
public void setEncryptParameters(List<Parameter> encryptParameters) {
this.encryptParameters = encryptParameters;
}
public boolean visit(MySqlInsertStatement x) {
......@@ -117,29 +60,26 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
// 插入sql不能省略列名
List<SQLExpr> columns = x.getColumns();
if(columns.isEmpty()){
return true;
return false;
}
String tableName = x.getTableName().getSimpleName();
// columns
Map<Integer, Column> columnMap = new HashMap<>();
List<Column> encryptColumns = null;
for(int i=0;i<columns.size();i++){
SQLExpr columnSQLExpr = columns.get(i);
String columnName = null;
if(columnSQLExpr instanceof SQLIdentifierExpr){
SQLIdentifierExpr columnSQLIdentifierExpr = (SQLIdentifierExpr) columnSQLExpr;
columnName = columnSQLIdentifierExpr.getName();
}
else if(columnSQLExpr instanceof SQLPropertyExpr){
SQLPropertyExpr columnSQLPropertyExpr = (SQLPropertyExpr) columnSQLExpr;
columnName = columnSQLPropertyExpr.getName();
Column column = this.getEncryptColumn(columnSQLExpr);
if(column == null || column.getColumnRule() == null){
continue;
}
Column column = new Column(tableName,"",columnName,"",null);
columnMap.put(i,column);
column.setColumnIndex(i);
encryptColumns = CollectionUtil.initAdd(encryptColumns,column);
}
// values
if(encryptColumns != null && !encryptColumns.isEmpty()){
Map<Integer,Column> encryptColumnMap = encryptColumns.stream().collect(Collectors.toMap(Column::getColumnIndex, e -> e));
List<MySqlInsertStatement.ValuesClause> valuesClauses = x.getValuesList();
for(SQLInsertStatement.ValuesClause valuesClause:valuesClauses){
List<SQLExpr> values = valuesClause.getValues();
......@@ -153,17 +93,15 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
continue;
}
Column column = columnMap.get(columnIndex);
if(column == null){
Column column = encryptColumnMap.get(columnIndex);
if(column == null || column.getColumnRule() == null){
continue;
}
ColumnRule columnRule = this.getColumnRule(column.getTableName(),column.getColumnName());
if(columnRule == null){
return true;
// 采集加密参数
Parameter parameter = new Parameter(column,variantRefExpr.getName(),variantRefExpr.getIndex(),null);
this.encryptParameters.add(parameter);
}
Parameter parameter = new Parameter(column,variantRefExpr.getName(),variantRefExpr.getIndex(),columnRule,null);
this.encryptColumnParameters.add(parameter);
}
}
......@@ -175,10 +113,11 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
sqlExpr.accept(this);
continue;
}
SQLBinaryOpExpr sqlBinaryOpExpr = (SQLBinaryOpExpr) sqlExpr;
SQLBinaryOpExpr sqlBinaryOpExpr = (SQLBinaryOpExpr) sqlExpr;
SQLExpr left = sqlBinaryOpExpr.getLeft();
SQLExpr right = sqlBinaryOpExpr.getRight();
if (!(right instanceof SQLVariantRefExpr)) {// ?
continue;
}
......@@ -187,20 +126,75 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
continue;
}
Column column = this.getMySqlColumn(left);
if(column == null){
Column column = this.getEncryptColumn(left);
if(column == null || column.getColumnRule() == null){
continue;
}
column.setColumnIndex(i);
ColumnRule columnRule = this.getColumnRule(column.getTableName(),column.getColumnName());
if(columnRule == null){
continue;
this.encryptParameters.add(new Parameter(column,variantRefExpr.getName(), variantRefExpr.getIndex(), null));
}
this.encryptColumnParameters.add(new Parameter(column,variantRefExpr.getName(), variantRefExpr.getIndex(),columnRule, null));
return false;
}
@Override
public boolean visit(SQLVariantRefExpr x) {
if(!Token.QUES.name.equals(x.getName())){
return false;
}
SQLObject parent = x.getParent();
SQLExpr columnExpr = null;
// where
// where - 普通条件
if(parent instanceof SQLBinaryOpExpr){
SQLBinaryOpExpr sqlBinaryOpExpr = (SQLBinaryOpExpr) parent;
if(sqlBinaryOpExpr.getRight() instanceof SQLVariantRefExpr){
columnExpr = sqlBinaryOpExpr.getLeft();
}else{
columnExpr = sqlBinaryOpExpr.getRight();
}
}
// where - between
else if(parent instanceof SQLBetweenExpr){
SQLBetweenExpr sqlBetweenExpr = (SQLBetweenExpr) parent;
columnExpr = sqlBetweenExpr.getTestExpr();
}
// where - in
else if(parent instanceof SQLInListExpr){
SQLInListExpr sqlInListExpr = (SQLInListExpr) parent;
columnExpr = sqlInListExpr.getExpr();
}
// where - 子查询:不处理
else if(parent instanceof SQLInSubQueryExpr){
return true;
}
// update - item
else if(parent instanceof SQLUpdateSetItem){
SQLUpdateSetItem sqlUpdateSetItem = (SQLUpdateSetItem) parent;
columnExpr = sqlUpdateSetItem.getColumn();
}
// insert - item 不处理
else if (parent instanceof SQLInsertStatement.ValuesClause){
// 获取不到column,直接从MySqlInsertStatement解析
return true;
}else{
return true;
}
if(columnExpr == null){
return false;
}
Column column = this.getEncryptColumn(columnExpr);
if(column == null || column.getColumnRule() == null){
return false;
}
this.encryptParameters.add(new Parameter(column,x.getName(), x.getIndex(), null));
return false;
}
/**
......@@ -227,12 +221,13 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
* @param columnExpr
* @return
*/
protected Column getMySqlColumn(SQLExpr columnExpr){
protected Column getEncryptColumn(SQLExpr columnExpr){
// unwrap
columnExpr = unwrapExpr(columnExpr);
String columnName = null;
String tableName = null;
String columnName = null;
String ownerName = null;
if(columnExpr instanceof SQLIdentifierExpr){// name = ?
SQLIdentifierExpr sqlIdentifierExpr = (SQLIdentifierExpr) columnExpr;
......@@ -254,6 +249,7 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
}else if(columnExpr instanceof SQLPropertyExpr){
SQLPropertyExpr sqlPropertyExpr = (SQLPropertyExpr) columnExpr;
columnName = sqlPropertyExpr.getName();
ownerName = sqlPropertyExpr.getOwnernName();
SQLExpr owner = sqlPropertyExpr.getOwner();
SQLObject resolvedOwnerObject = sqlPropertyExpr.getResolvedOwnerObject();
......@@ -283,7 +279,12 @@ public class MySqlSecurityParameterVisitor extends MySqlSchemaStatVisitor {
return null;
}
return new Column(tableName,"",columnName,"",null);
ColumnRule columnRule = this.getColumnRule(tableName,columnName);
if(columnRule == null){
return null;
}
return new Column(tableName,ownerName,columnName,"",null,columnRule);
}
private SQLExpr unwrapExpr(SQLExpr expr) {
......
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/main/java/com/secoo/mall/datasource/security/visitor/Parameter.java
......@@ -2,45 +2,30 @@ package com.secoo.mall.datasource.security.visitor;
import com.secoo.mall.datasource.security.rule.ColumnRule;
public class Parameter {
private String tableName;
private String columnAlias;
private String columnName;
private int jdbcIndex;
public class Parameter extends Column {
private Object value;
private ColumnRule columnRule;
private int jdbcIndex;
private Integer addJdbcIndex;
public Parameter(String tableName, String columnAlias, String columnName, int jdbcIndex, Object value,ColumnRule columnRule) {
this.tableName = tableName;
this.columnAlias = columnAlias;
this.columnName = columnName;
this.jdbcIndex = jdbcIndex;
public Parameter(String tableName, String ownerName, String columnName, String columnAlias,Integer columnIndex, ColumnRule columnRule,
Object value, int jdbcIndex, Integer addJdbcIndex) {
super(tableName,ownerName,columnName,columnAlias,columnIndex,columnRule);
this.value = value;
this.columnRule = columnRule;
}
public String getTableName() {
return tableName;
}
public void setTableName(String tableName) {
this.tableName = tableName;
}
public String getColumnAlias() {
return columnAlias;
this.jdbcIndex = jdbcIndex;
this.addJdbcIndex = addJdbcIndex;
}
public void setColumnAlias(String columnAlias) {
this.columnAlias = columnAlias;
public Parameter(Column column,
Object value, int jdbcIndex, Integer addJdbcIndex) {
this(column.getTableName(),column.getOwnerName(),column.getColumnName(),column.getColumnAlias(),column.getColumnIndex(),column.getColumnRule(),value,jdbcIndex,addJdbcIndex);
}
public String getColumnName() {
return columnName;
public Object getValue() {
return value;
}
public void setColumnName(String columnName) {
this.columnName = columnName;
public void setValue(Object value) {
this.value = value;
}
public int getJdbcIndex() {
......@@ -51,31 +36,33 @@ public class Parameter {
this.jdbcIndex = jdbcIndex;
}
public Object getValue() {
return value;
public Integer getAddJdbcIndex() {
return addJdbcIndex;
}
public void setValue(Object value) {
this.value = value;
public void setAddJdbcIndex(Integer addJdbcIndex) {
this.addJdbcIndex = addJdbcIndex;
}
public ColumnRule getColumnRule() {
return columnRule;
}
@Override
public boolean equals(Object o) {
if (this == o) return true;
if (!(o instanceof Parameter)) return false;
if (!super.equals(o)) return false;
Parameter parameter = (Parameter) o;
public void setColumnRule(ColumnRule columnRule) {
this.columnRule = columnRule;
if (getJdbcIndex() != parameter.getJdbcIndex()) return false;
if (getValue() != null ? !getValue().equals(parameter.getValue()) : parameter.getValue() != null) return false;
return getAddJdbcIndex() != null ? getAddJdbcIndex().equals(parameter.getAddJdbcIndex()) : parameter.getAddJdbcIndex() == null;
}
@Override
public String toString() {
return "Parameter{" +
"tableName='" + tableName + '\'' +
", columnAlias='" + columnAlias + '\'' +
", columnName='" + columnName + '\'' +
", jdbcIndex=" + jdbcIndex +
", value=" + value +
", columnRule=" + columnRule +
'}';
public int hashCode() {
int result = super.hashCode();
result = 31 * result + (getValue() != null ? getValue().hashCode() : 0);
result = 31 * result + getJdbcIndex();
result = 31 * result + (getAddJdbcIndex() != null ? getAddJdbcIndex().hashCode() : 0);
return result;
}
}
matrix-datasource/matrix-datasource-security/matrix-datasource-security-druid/src/test/java/com/secoo/mall/datasource/security/SQLParserTest.java
......@@ -10,8 +10,10 @@ import com.alibaba.druid.sql.ast.statement.SQLUpdateSetItem;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlDeleteStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlInsertStatement;
import com.alibaba.druid.sql.dialect.mysql.ast.statement.MySqlUpdateStatement;
import com.alibaba.druid.util.JdbcConstants;
import com.alibaba.fastjson.JSON;
import com.secoo.mall.datasource.security.visitor.MySqlSecurityParameterVisitor;
import com.secoo.mall.datasource.security.visitor.MySqlSecurityParameterVisitor2;
import com.secoo.mall.datasource.security.visitor.Parameter;
import org.apache.commons.collections.CollectionUtils;
......@@ -20,10 +22,11 @@ import java.util.List;
public class SQLParserTest {
public static void testVisitor(){
// String sql = "select u.name,a.age from t_user u,t_account a where u.id = a.id and u.id > 12 and u.height between ? and ? and t_account.age >? and a.name in('tom', ? ,'john') order by id desc;";
// String sql = "SELECT Sname FROM Student WHERE Sno IN(SELECT Sno FROM SC WHERE Cno='2');";
String sql = "select u.name,a.age from t_user u,t_account a where u.id = a.id and u.id > 12 and u.height between ? and ? and t_account.age >? and a.name in('tom', ? ,'john') order by id desc;";
// String sql = "select secooStoreDB.t_sequence.`code` from secooStoreDB.t_sequence,secooStoreDB.t_store_fail_mq where secooStoreDB.t_sequence.`code`=secooStoreDB.t_store_fail_mq.topic";
// String sql = "delete from t_sequence";
String sql = "INSERT INTO `secooStoreDB`.`t_sequence`(`secooStoreDB`.`t_sequence`.`name`, `t_sequence`.`current_value`, `increment`, `code`) VALUES (?, 4551, 1, 2),('t_store_category', ?, 1, ?);";
// String sql = "INSERT INTO `secooStoreDB`.`t_sequence`(`secooStoreDB`.`t_sequence`.`name`, `t_sequence`.`current_value`, `increment`, `code`) VALUES (?, 4551, 1, 2),('t_store_category', ?, 1, ?);";
// String sql = "INSERT INTO `secooStoreDB`.`t_sequence` VALUES ('t_store', 4551, 1, 2),('t_store_category', 65015, 1, 1)";
// String sql = "update t_user set name=?,age=10 where id = id and id > 12";
// String sql = "update t_user u,t_account a set u.name=?,a.age=10 where u.id = a.id and u.id > 12 and a.age >?";
......@@ -38,10 +41,12 @@ public class SQLParserTest {
// MySqlSchemaStatVisitor visitor = new MySqlSchemaStatVisitor();
List<Parameter> encryptColumnParameters = new ArrayList<>();
MySqlSecurityParameterVisitor visitor = new MySqlSecurityParameterVisitor(null,encryptColumnParameters);
// MySqlSecurityParameterVisitor visitor = new MySqlSecurityParameterVisitor(null,encryptColumnParameters);
MySqlSecurityParameterVisitor2 visitor = new MySqlSecurityParameterVisitor2(null,encryptColumnParameters);
stmt.accept(visitor);
System.out.println("encryptColumnParameters=" + JSON.toJSONString(encryptColumnParameters));
// System.out.println(visitor.getParameters());
System.out.println(stmt.toString());
// System.out.println(visitor.getConditions());
if(CollectionUtils.isNotEmpty(encryptColumnParameters)){
return;
}
......@@ -56,7 +61,7 @@ public class SQLParserTest {
}else if(stmt instanceof MySqlDeleteStatement){
MySqlDeleteStatement deleteStmt = (MySqlDeleteStatement) stmt;
System.out.println("---");
}else if (stmt instanceof MySqlInsertStatement) {
}else if (stmt instanceof MySqlInsertStatement){
MySqlInsertStatement insertStmt = (MySqlInsertStatement) stmt;
String tableName = insertStmt.getTableName().getSimpleName();
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment