Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Create Project: Issue SQL Query - Query cannot contain data manipulation keyword: DELETE #6019

Closed
franparrastome opened this issue Aug 19, 2023 · 3 comments · Fixed by #6022
Closed

Create Project: Issue SQL Query - Query cannot contain data manipulation keyword: DELETE #6019

franparrastome opened this issue Aug 19, 2023 · 3 comments · Fixed by #6022
Assignees
@tfmorris
Labels
SQL/database Integration with SQL databases in general Type: Bug Issues related to software defects or unexpected behavior, which require resolution.
Milestone
3.8

Comments

@franparrastome
Copy link

To Reproduce

Steps to reproduce the behavior:

  1. First, create a new project
  2. Then, select database and create a query where any column name contain the word delete, for example "isdeleted"
  3. Finally, click preview query result

Current Results

Message: Query cannot contain data manipulation keyword: DELETE

Expected Behavior

Query should run

Screenshots

image

Versions

  • Operating System: Windows 10
  • Browser Version: Google Chrome Version 116.0.5845.96 (Official Build) (64-bit)
  • JRE or JDK Version: JRE 1.8
  • OpenRefine: OpenRefine 3.7.4

Datasets

Additional context
@franparrastome franparrastome added Type: Bug Issues related to software defects or unexpected behavior, which require resolution. Status: Pending Review Indicates that the issue or pull request is awaiting review by project maintainers or collaborators labels Aug 19, 2023
@wetneb wetneb added SQL/database Integration with SQL databases in general and removed Status: Pending Review Indicates that the issue or pull request is awaiting review by project maintainers or collaborators labels Aug 21, 2023
tfmorris added a commit to tfmorris/OpenRefine that referenced this issue Aug 22, 2023
@tfmorris
Make SQL keyword detection more reliable. Fixes OpenRefine#6019
3748104
@tfmorris tfmorris mentioned this issue Aug 22, 2023
Merged
@tfmorris
Copy link
Member

I've put up a draft PR for discussion which fixes this, but I'm not convinced that we shouldn't just remove all the checking code, since it's basically impossible to do reliably when the user can submit arbitrary SQL. The DB admin should be restricted read/write access to only those users who are trusted.

@tfmorris tfmorris self-assigned this Aug 22, 2023
@tfmorris
Copy link
Member

@franparrastome Do you have an opinion on whether we should attempt to improve the SQL "bad verb" detection or just remove it altogether? I'm leaning towards removing it.

@franparrastome
Copy link
Author

franparrastome commented Aug 23, 2023 via email

tfmorris added a commit to tfmorris/OpenRefine that referenced this issue Sep 13, 2023
@tfmorris
Remove SQL keyword checking. Fixes OpenRefine#6019
ff75781
tfmorris added a commit that referenced this issue Sep 13, 2023
@tfmorris
Remove SQL keyword checking. Fixes #6019 (#6022)
65a7490
@tfmorris tfmorris added this to the 3.8 milestone Oct 26, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tfmorris tfmorris

Labels
SQL/database Integration with SQL databases in general Type: Bug Issues related to software defects or unexpected behavior, which require resolution.
Projects
None yet
Milestone
3.8
Development

Successfully merging a pull request may close this issue.

Improve SQL bad keyword detection - fixes #6019 tfmorris/OpenRefine
3 participants
@tfmorris @wetneb @franparrastome