kevin/aichat
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

up

Browse Source
This commit is contained in:
kevin
2026-06-09 19:37:26 +08:00
parent 5150a23256
commit 721caccc58
5 changed files with 1025 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
agents/SQL_query/sql_query_test.go
+36
View File
@@ -0,0 +1,36 @@
package sqlquery
import "testing"
func TestValidateReadOnlySQLAllowsSelectAndWith(t *testing.T) {
queries := []string{
"SELECT * FROM events LIMIT 10",
"select id, created_at from events where content = 'delete keyword in text' limit 5;",
"WITH recent AS (SELECT * FROM events LIMIT 10) SELECT * FROM recent",
}
for _, query := range queries {
if err := ValidateReadOnlySQL(query); err != nil {
t.Fatalf("ValidateReadOnlySQL(%q) returned error: %v", query, err)
}
}
}
func TestValidateReadOnlySQLRejectsUnsafeStatements(t *testing.T) {
queries := []string{
"",
"DELETE FROM events",
"UPDATE events SET content='x'",
"DROP TABLE events",
"SELECT * FROM events; DELETE FROM events",
"SELECT * INTO OUTFILE '/tmp/x' FROM events",
"SELECT SLEEP(10)",
"ATTACH DATABASE 'x' AS y",
"VACUUM",
"SELECT * FROM events -- comment",
}
for _, query := range queries {
if err := ValidateReadOnlySQL(query); err == nil {
t.Fatalf("ValidateReadOnlySQL(%q) returned nil, want error", query)
}
}
}