1、把需要筛选的字段和条件分开,目前未支持case when以及自定义函数,实现如下:

VerifySqlLegitimacyServiceImpl:

/*** File Name:VerifySqlLegitimacyServiceImpl.java* Date:2018年9月18日上午8:52:27
*/import java.io.StringReader;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;import org.apache.commons.lang.StringUtils;
import org.springframework.stereotype.Service;import lombok.extern.slf4j.Slf4j;
import net.sf.jsqlparser.JSQLParserException;
import net.sf.jsqlparser.expression.Alias;
import net.sf.jsqlparser.expression.AllComparisonExpression;
import net.sf.jsqlparser.expression.AnalyticExpression;
import net.sf.jsqlparser.expression.AnyComparisonExpression;
import net.sf.jsqlparser.expression.BinaryExpression;
import net.sf.jsqlparser.expression.CaseExpression;
import net.sf.jsqlparser.expression.CastExpression;
import net.sf.jsqlparser.expression.DateTimeLiteralExpression;
import net.sf.jsqlparser.expression.DateValue;
import net.sf.jsqlparser.expression.DoubleValue;
import net.sf.jsqlparser.expression.Expression;
import net.sf.jsqlparser.expression.ExtractExpression;
import net.sf.jsqlparser.expression.Function;
import net.sf.jsqlparser.expression.HexValue;
import net.sf.jsqlparser.expression.IntervalExpression;
import net.sf.jsqlparser.expression.JdbcNamedParameter;
import net.sf.jsqlparser.expression.JdbcParameter;
import net.sf.jsqlparser.expression.JsonExpression;
import net.sf.jsqlparser.expression.KeepExpression;
import net.sf.jsqlparser.expression.LongValue;
import net.sf.jsqlparser.expression.MySQLGroupConcat;
import net.sf.jsqlparser.expression.NullValue;
import net.sf.jsqlparser.expression.NumericBind;
import net.sf.jsqlparser.expression.OracleHierarchicalExpression;
import net.sf.jsqlparser.expression.OracleHint;
import net.sf.jsqlparser.expression.Parenthesis;
import net.sf.jsqlparser.expression.RowConstructor;
import net.sf.jsqlparser.expression.SignedExpression;
import net.sf.jsqlparser.expression.StringValue;
import net.sf.jsqlparser.expression.TimeKeyExpression;
import net.sf.jsqlparser.expression.TimeValue;
import net.sf.jsqlparser.expression.TimestampValue;
import net.sf.jsqlparser.expression.WhenClause;
import net.sf.jsqlparser.expression.operators.arithmetic.Addition;
import net.sf.jsqlparser.expression.operators.arithmetic.BitwiseAnd;
import net.sf.jsqlparser.expression.operators.arithmetic.BitwiseOr;
import net.sf.jsqlparser.expression.operators.arithmetic.BitwiseXor;
import net.sf.jsqlparser.expression.operators.arithmetic.Concat;
import net.sf.jsqlparser.expression.operators.arithmetic.Division;
import net.sf.jsqlparser.expression.operators.arithmetic.Modulo;
import net.sf.jsqlparser.expression.operators.arithmetic.Multiplication;
import net.sf.jsqlparser.expression.operators.arithmetic.Subtraction;
import net.sf.jsqlparser.expression.operators.conditional.AndExpression;
import net.sf.jsqlparser.expression.operators.conditional.OrExpression;
import net.sf.jsqlparser.expression.operators.relational.Between;
import net.sf.jsqlparser.expression.operators.relational.ComparisonOperator;
import net.sf.jsqlparser.expression.operators.relational.EqualsTo;
import net.sf.jsqlparser.expression.operators.relational.ExistsExpression;
import net.sf.jsqlparser.expression.operators.relational.ExpressionList;
import net.sf.jsqlparser.expression.operators.relational.GreaterThan;
import net.sf.jsqlparser.expression.operators.relational.GreaterThanEquals;
import net.sf.jsqlparser.expression.operators.relational.InExpression;
import net.sf.jsqlparser.expression.operators.relational.IsNullExpression;
import net.sf.jsqlparser.expression.operators.relational.ItemsList;
import net.sf.jsqlparser.expression.operators.relational.LikeExpression;
import net.sf.jsqlparser.expression.operators.relational.Matches;
import net.sf.jsqlparser.expression.operators.relational.MinorThan;
import net.sf.jsqlparser.expression.operators.relational.MinorThanEquals;
import net.sf.jsqlparser.expression.operators.relational.NotEqualsTo;
import net.sf.jsqlparser.expression.operators.relational.RegExpMatchOperator;
import net.sf.jsqlparser.expression.operators.relational.RegExpMySQLOperator;
import net.sf.jsqlparser.parser.CCJSqlParserManager;
import net.sf.jsqlparser.parser.ParseException;
import net.sf.jsqlparser.parser.Token;
import net.sf.jsqlparser.schema.Column;
import net.sf.jsqlparser.statement.Statement;
import net.sf.jsqlparser.statement.select.AllTableColumns;
import net.sf.jsqlparser.statement.select.PlainSelect;
import net.sf.jsqlparser.statement.select.Select;
import net.sf.jsqlparser.statement.select.SelectExpressionItem;
import net.sf.jsqlparser.statement.select.SelectItem;
import net.sf.jsqlparser.statement.select.SubSelect;/***  ClassName:VerifySqlLegitimacyServiceImpl <br/>* Function: 验证sql的合法性<br/>* Date: 2018年8月24日 下午2:47:18 <br/>* @version* @since JDK 1.8* @see*/
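/**
 * Validates user-supplied SQL fragments: a select-list fragment ("fields") and a WHERE
 * fragment ("condition").
 *
 * <p>Each fragment is wrapped in a fixed statement ({@code SELECT <fields> FROM table} or
 * {@code SELECT * FROM table WHERE <condition>}), parsed with JSqlParser, and the resulting
 * expression tree is walked. CASE/WHEN and function calls are rejected; identifiers must
 * match the naming rule in {@link #isSpecialChar(String)}.
 *
 * <p>NOTE(review): only the select items (for fields) or the WHERE expression (for conditions)
 * of the parsed statement are inspected. The remaining clauses of the parsed statement are not
 * compared with the fixed wrapper, so a success result says only that the inspected part
 * matched these shape rules. It is not evidence that the raw fragment is safe to concatenate
 * into another statement; whatever executes the rule should still bind values as parameters.
 */
@Service
@Slf4j
public class VerifySqlLegitimacyServiceImpl implements VerifySqlLegitimacyService {

    /** Prefix put in front of a field fragment so it parses as a full statement. */
    private static final String sql_select = "SELECT ";

    /** Suffix put after a field fragment; {@code table} is only a placeholder name. */
    private static final String sql_from = " FROM table";

    /** Prefix put in front of a condition fragment. */
    private static final String sql_from_where = sql_select + "*" + sql_from + " WHERE ";

    /**
     * Validates a select-list fragment such as {@code a, b AS c}.
     *
     * <p>Stops at the first offending item and returns a result whose data holds the item's
     * position and text. A fragment that does not parse yields {@code ERROR_GRAMMAR_RULE}.
     * When nothing is wrong the freshly constructed {@link ResultMap} is returned untouched.
     *
     * @param sql the field fragment; must not be {@code null} (it is trimmed first)
     * @return the validation result
     */
    public ResultMap<ErrorMessage> verifyField(String sql) {
        CCJSqlParserManager parser = new CCJSqlParserManager();
        StringBuilder buffer = new StringBuilder();
        ResultMap<ErrorMessage> result = new ResultMap<>();
        sql = sql.trim();
        String parseSql = sql_select + sql + sql_from;
        try {
            Statement stmt = parser.parse(new StringReader(parseSql));
            if (stmt instanceof Select) {
                // A set operation (e.g. UNION) is not a PlainSelect; the cast then throws and
                // the generic catch below reports a grammar error.
                PlainSelect selectBody = (PlainSelect) ((Select) stmt).getSelectBody();
                List<SelectItem> selectItems = selectBody.getSelectItems();
                if (selectItems != null) {
                    for (int i = 0; i < selectItems.size(); i++) {
                        SelectItem selectItem = selectItems.get(i);
                        if (selectItem instanceof SelectExpressionItem) {
                            if (i != 0) {
                                buffer.append(", ");
                            }
                            SelectExpressionItem item = (SelectExpressionItem) selectItem;
                            buffer.append(item.toString());
                            Alias alias = item.getAlias();
                            // Validate the alias first, then the expression itself.
                            if (alias != null && !judgeAlias(alias, buffer, item, result)) {
                                result.getData().setOtherField(fieldListOf(selectBody));
                                return result;
                            }
                            if (!judgEexpression(item.getExpression(), buffer, item, result, alias, true)) {
                                result.getData().setOtherField(fieldListOf(selectBody));
                                return result;
                            }
                        } else if (selectItem instanceof AllTableColumns) {
                            // "t.*" is never accepted as a field.
                            buffer.append(selectItem.toString());
                            errorInfo(selectItem, buffer, result);
                            result.getData().setOtherField(fieldListOf(selectBody));
                            return result;
                        } else {
                            // NOTE(review): any other kind of select item is appended and
                            // accepted without further checks.
                            if (i != 0) {
                                buffer.append(", ");
                            }
                            buffer.append(selectItem.toString());
                        }
                    }
                }
            }
        } catch (JSQLParserException e) {
            log.error("verifyField Exception", e);
            // Previously a failure whose cause was not a ParseException left the result
            // untouched, so the caller received an unmodified (non-error) result. Every parser
            // failure is now reported as a grammar error, as verifyCondition already did.
            reportParseFailure(e, sql_select.length(), sql, result);
        } catch (Exception e) {
            log.error("verifyField Exception", e);
            result.setCode(ErrorCodes.ERROR_GRAMMAR_RULE.getCode());
            result.setMsg(ErrorCodes.ERROR_GRAMMAR_RULE.getDesc());
        }
        return result;
    }

    /** Returns the normalised select list of {@code selectBody}, without the fixed wrapper. */
    private static String fieldListOf(PlainSelect selectBody) {
        String text = selectBody.toString();
        return text.substring(sql_select.length(), text.lastIndexOf(sql_from));
    }

    /**
     * Marks {@code result} as a grammar error and, when the parser reported a token, records
     * the token's text and its position relative to the user's fragment.
     *
     * @param e             the parser failure
     * @param wrapperLength length of the fixed text placed in front of the fragment
     * @param fragment      the user's (trimmed) fragment
     * @param result        the result to fill in
     */
    private void reportParseFailure(JSQLParserException e, int wrapperLength, String fragment,
            ResultMap<ErrorMessage> result) {
        result.setCode(ErrorCodes.ERROR_GRAMMAR_RULE.getCode());
        result.setMsg(ErrorCodes.ERROR_GRAMMAR_RULE.getDesc());
        if (!(e.getCause() instanceof ParseException)) {
            return;
        }
        Token token = ((ParseException) e.getCause()).currentToken;
        if (token == null) {
            // No token to point at; the grammar error code alone is returned.
            return;
        }
        ErrorMessage errorMessage = new ErrorMessage();
        errorMessage.setEndPosition(token.absoluteEnd - wrapperLength);
        errorMessage.setStartPosition(token.absoluteBegin - wrapperLength);
        errorMessage.setOtherField(fragment);
        errorMessage.setWrongField(token.toString());
        result.setData(errorMessage);
    }

    /**
     * Fills {@code result} with a naming-rule error that points at {@code a}.
     *
     * <p>The position is derived from {@code buffer}: the offending text is assumed to be the
     * last thing appended, so it spans from {@code buffer.length() - a.toString().length()} to
     * {@code buffer.length()}.
     *
     * @param a      the offending parse node (its {@code toString()} is reported)
     * @param buffer the text rebuilt so far
     * @param result the result to fill in
     * @return the same {@code result} instance
     */
    public ResultMap<ErrorMessage> errorInfo(Object a, StringBuilder buffer, ResultMap<ErrorMessage> result) {
        ErrorMessage errorMessage = new ErrorMessage();
        result.setCode(ErrorCodes.ERROR_NAME_RULE.getCode());
        result.setMsg(ErrorCodes.ERROR_NAME_RULE.getDesc());
        Integer startPosition = buffer.length() - a.toString().length();
        Integer endPosition = buffer.length();
        errorMessage.setErrorMessage(startPosition, endPosition, a.toString());
        result.setData(errorMessage);
        return result;
    }

    /**
     * Checks one expression of a select item.
     *
     * <p>Rejected outright: NULL, function calls, signed expressions, JDBC parameters, hex
     * values, CASE/WHEN, date-time literals, concatenation, EXTRACT, INTERVAL, regexp match,
     * numeric binds, KEEP and sub-selects. Literals and arithmetic need an alias when
     * {@code isValidateAlias} is set. Column names must satisfy
     * {@link #isSpecialChar(List)}.
     *
     * @param expression           the expression to check
     * @param buffer               the text rebuilt so far, used for error positions
     * @param selectExpressionItem the select item the expression belongs to (reported on error)
     * @param result               receives the error details on failure
     * @param alias                the item's alias, or {@code null}
     * @param isValidateAlias      whether a missing alias is an error at this level; nested
     *                             calls pass {@code false}
     * @return {@code true} if the expression is accepted
     */
    public boolean judgEexpression(Expression expression, StringBuilder buffer,
            SelectExpressionItem selectExpressionItem, ResultMap<ErrorMessage> result, Alias alias,
            boolean isValidateAlias) {
        if (expression instanceof NullValue || expression instanceof Function
                || expression instanceof SignedExpression || expression instanceof JdbcParameter
                || expression instanceof JdbcNamedParameter || expression instanceof HexValue
                || expression instanceof CaseExpression || expression instanceof WhenClause
                || expression instanceof DateTimeLiteralExpression || expression instanceof Concat
                || expression instanceof ExtractExpression || expression instanceof IntervalExpression
                || expression instanceof RegExpMatchOperator || expression instanceof NumericBind
                || expression instanceof KeepExpression
                // A nested query as a field was not matched by any branch and used to be
                // accepted through the final "return true".
                || expression instanceof SubSelect) {
            errorInfo(selectExpressionItem, buffer, result);
            return false;
        }

        if (expression instanceof DoubleValue || expression instanceof LongValue
                || expression instanceof DateValue || expression instanceof TimeValue
                || expression instanceof TimestampValue || expression instanceof StringValue) {
            // A bare literal is only allowed when it is given a name.
            if (isValidateAlias && alias == null) {
                errorInfo(selectExpressionItem, buffer, result);
                return false;
            }
        } else if (expression instanceof Column) {
            // e.g. `aaaa`.`bbb.ccc`.`cvxcv`
            String columnName = ((Column) expression).getFullyQualifiedName();
            if (!isSpecialChar(getColumnNames(columnName))) {
                errorInfo(selectExpressionItem, buffer, result);
                return false;
            }
        } else if (expression instanceof Parenthesis) {
            Parenthesis parenthesis = (Parenthesis) expression;
            if (parenthesis.isNot()) {
                // TODO (from the original author): this case needs rework.
                errorInfo(selectExpressionItem, buffer, result);
                return false;
            }
            if (!judgEexpression(parenthesis.getExpression(), buffer, selectExpressionItem, result, alias, false)) {
                return false;
            }
        } else if (expression instanceof Addition || expression instanceof Division
                || expression instanceof Multiplication || expression instanceof Subtraction) {
            if (isValidateAlias && alias == null) {
                errorInfo(selectExpressionItem, buffer, result);
                return false;
            }
            BinaryExpression binaryExpression = (BinaryExpression) expression;
            if (!judgEexpression(binaryExpression.getLeftExpression(), buffer, selectExpressionItem, result,
                    alias, false)) {
                return false;
            }
            if (!judgEexpression(binaryExpression.getRightExpression(), buffer, selectExpressionItem, result,
                    alias, false)) {
                return false;
            }
        }
        // NOTE(review): an expression type that matched none of the branches above is accepted
        // here. The checks therefore work as a deny-list; a parser node type that is not listed
        // passes unvalidated. Consider rejecting by default once the set of allowed field
        // expressions is confirmed.
        return true;
    }

    /**
     * Checks that an alias satisfies the naming rule.
     *
     * @param alias                the alias to check
     * @param buffer               the text rebuilt so far, used for error positions
     * @param selectExpressionItem the select item that carries the alias (reported on error)
     * @param result               receives the error details on failure
     * @return {@code true} if the alias is accepted
     */
    public boolean judgeAlias(Alias alias, StringBuilder buffer, SelectExpressionItem selectExpressionItem,
            ResultMap<ErrorMessage> result) {
        if (!isSpecialChar(getColumnNames(alias.getName()))) {
            errorInfo(selectExpressionItem, buffer, result);
            return false;
        }
        return true;
    }

    /**
     * Splits a possibly back-quoted, dot-qualified name into its parts.
     *
     * <p>Without back-quotes the name is split on {@code '.'}. With back-quotes, each quoted
     * section becomes one part (dots inside it are kept) and unquoted sections in between are
     * split on {@code '.'}.
     *
     * @param source the name, e.g. {@code `a`.`b.c`.d}
     * @return the parts, or {@code null} when {@code source} is {@code null}
     */
    public static List<String> getColumnNames(String source) {
        if (source == null) {
            return null;
        }
        int start = source.indexOf("`");
        if (start == -1) {
            List<String> result = new ArrayList<>();
            Collections.addAll(result, source.split("\\."));
            return result;
        }
        List<String> result = new ArrayList<>();
        int end = -1;
        start = 0;
        int temp = 0;
        String tempString = null;
        // The statement order below is kept exactly as in the original: "start", "end" and
        // "temp" track the opening/closing back-quote of the section being read, and the loop
        // counter is advanced twice per round (once here, once in the for header).
        for (int i = 0; i < source.split("`").length - 1; i++) {
            temp = source.indexOf("`", start);
            if (i == 0 && start == temp) {
                // The name starts with a quoted section.
                end = source.indexOf("`", temp + 1);
                if (end == -1)
                    break;
                tempString = source.substring(temp + 1, end);
                result.add(tempString);
                start = end + 2;
            } else if (i == 0 && start != temp) {
                // The name starts with an unquoted section.
                end = source.indexOf("`", temp + 1);
                Collections.addAll(result, source.substring(0, temp).split("\\."));
                if (end == -1)
                    break;
                tempString = source.substring(temp + 1, end);
                result.add(tempString);
                start = end + 2;
            } else if (temp - 2 == end) {
                // Two quoted sections directly after each other: `a`.`b`
                end = source.indexOf("`", temp + 1);
                if (end == -1)
                    break;
                tempString = source.substring(temp + 1, end);
                result.add(tempString);
                start = end + 2;
            } else {
                // An unquoted section sits between two quoted ones.
                Collections.addAll(result, source.substring(end + 2, temp).split("\\."));
                end = source.indexOf("`", temp + 1);
                if (end == -1)
                    break;
                tempString = source.substring(temp + 1, end);
                result.add(tempString);
                start = end + 2;
            }
            i++;
        }
        if (end + 1 != source.length()) {
            // Unquoted remainder after the last closing back-quote.
            Collections.addAll(result, source.substring(end + 2).trim().split("\\."));
        }
        return result;
    }

    /**
     * Validates a WHERE fragment such as {@code a > 1 and b in (1, 2)}.
     *
     * @param sql the condition fragment; must not be {@code null} (it is trimmed first)
     * @return the validation result; untouched when the condition is accepted
     */
    @Override
    public ResultMap<ErrorMessage> verifyCondition(String sql) {
        CCJSqlParserManager parser = new CCJSqlParserManager();
        ResultMap<ErrorMessage> result = new ResultMap<>();
        sql = sql.trim();
        String parseSql = sql_from_where + sql;
        try {
            Statement stmt = parser.parse(new StringReader(parseSql));
            if (stmt instanceof Select) {
                // A set operation (e.g. UNION) is not a PlainSelect; the cast then throws and
                // the generic catch below reports a grammar error.
                PlainSelect selectBody = (PlainSelect) ((Select) stmt).getSelectBody();
                Expression expression = selectBody.getWhere();
                StringBuilder buffer = new StringBuilder();
                if (!judgEexpression(expression, buffer, result)) {
                    if (result.getData() == null) {
                        // Some rejections (a negated operator) record no position. This case
                        // used to surface only through a NullPointerException handled by the
                        // generic catch; the same error code is now set explicitly so the
                        // rejection does not depend on that exception.
                        result.setCode(ErrorCodes.ERROR_GRAMMAR_RULE.getCode());
                        result.setMsg(ErrorCodes.ERROR_GRAMMAR_RULE.getDesc());
                    } else {
                        result.getData().setOtherField(expression.toString());
                    }
                }
            }
        } catch (JSQLParserException e) {
            log.error("verifyCondition Exception", e);
            reportParseFailure(e, sql_from_where.length(), sql, result);
        } catch (Exception e) {
            log.error("verifyCondition Exception", e);
            result.setCode(ErrorCodes.ERROR_GRAMMAR_RULE.getCode());
            result.setMsg(ErrorCodes.ERROR_GRAMMAR_RULE.getDesc());
        }
        return result;
    }

    /**
     * Checks one node of a WHERE expression and rebuilds its text into {@code buffer}.
     *
     * <p>Accepted shapes: AND/OR, parentheses, columns that satisfy the naming rule, modulo,
     * the six comparison operators, the four arithmetic operators, {@code IN} with a literal
     * list, and numeric/date/time/string literals. Everything in the first condition below
     * is rejected.
     *
     * @param expression the node to check
     * @param buffer     receives the rebuilt text; used for error positions
     * @param result     receives the error details on failure
     * @return {@code true} if the node is accepted
     */
    public boolean judgEexpression(Expression expression, StringBuilder buffer, ResultMap<ErrorMessage> result) {
        if (expression instanceof BitwiseAnd || expression instanceof BitwiseOr
                || expression instanceof BitwiseXor || expression instanceof IsNullExpression
                || expression instanceof Between || expression instanceof NullValue
                || expression instanceof Function || expression instanceof SignedExpression
                || expression instanceof JdbcParameter || expression instanceof JdbcNamedParameter
                || expression instanceof HexValue || expression instanceof LikeExpression
                || expression instanceof CaseExpression || expression instanceof WhenClause
                || expression instanceof ExistsExpression || expression instanceof AllComparisonExpression
                || expression instanceof AnyComparisonExpression || expression instanceof Concat
                || expression instanceof Matches || expression instanceof AnalyticExpression
                || expression instanceof CastExpression || expression instanceof ExtractExpression
                || expression instanceof IntervalExpression
                || expression instanceof OracleHierarchicalExpression
                || expression instanceof RegExpMatchOperator || expression instanceof JsonExpression
                || expression instanceof RegExpMySQLOperator || expression instanceof NumericBind
                || expression instanceof KeepExpression || expression instanceof MySQLGroupConcat
                || expression instanceof RowConstructor || expression instanceof OracleHint
                || expression instanceof TimeKeyExpression
                || expression instanceof DateTimeLiteralExpression
                // EXISTS / ANY / ALL are rejected above; a scalar sub-select (for example as
                // the operand of a comparison) matched no branch and used to be accepted
                // through the final "return true".
                || expression instanceof SubSelect) {
            buffer.append(expression);
            errorInfo(expression, buffer, result);
            return false;
        }

        if (expression instanceof AndExpression) {
            if (!judgeBinary((BinaryExpression) expression, " and ", buffer, result)) {
                return false;
            }
        } else if (expression instanceof OrExpression) {
            if (!judgeBinary((BinaryExpression) expression, " or ", buffer, result)) {
                return false;
            }
        } else if (expression instanceof Parenthesis) {
            Parenthesis parenthesis = (Parenthesis) expression;
            if (parenthesis.isNot()) {
                buffer.append(expression.toString());
                errorInfo(expression, buffer, result);
                return false;
            }
            buffer.append("(");
            boolean innerAccepted = judgEexpression(parenthesis.getExpression(), buffer, result);
            buffer.append(")");
            return innerAccepted;
        } else if (expression instanceof Column) {
            String columnName = ((Column) expression).getFullyQualifiedName();
            buffer.append(columnName);
            if (!isSpecialChar(VerifySqlLegitimacyServiceImpl.getColumnNames(columnName))) {
                errorInfo(expression, buffer, result);
                return false;
            }
        } else if (expression instanceof Modulo) {
            // % (modulo)
            if (!judgeBinary((BinaryExpression) expression, " % ", buffer, result)) {
                return false;
            }
        } else if (expression instanceof EqualsTo || expression instanceof GreaterThan
                || expression instanceof GreaterThanEquals || expression instanceof MinorThan
                || expression instanceof MinorThanEquals || expression instanceof NotEqualsTo
                || expression instanceof Addition || expression instanceof Division
                || expression instanceof Multiplication || expression instanceof Subtraction) {
            // > >= = < <= != <> and + - * /
            BinaryExpression binaryExpression = (BinaryExpression) expression;
            if (!judgeBinary(binaryExpression, " " + binaryExpression.getStringExpression() + " ", buffer,
                    result)) {
                return false;
            }
        } else if (expression instanceof InExpression) {
            // IN (...) with a literal list
            InExpression inExpression = (InExpression) expression;
            ItemsList itemsList = inExpression.getRightItemsList();
            if (inExpression.isNot()) {
                buffer.append(expression.toString());
                errorInfo(expression, buffer, result);
                return false;
            }
            if (inExpression.getLeftExpression() == null) {
                errorInfo(expression, buffer, result);
                return false;
            }
            if (!judgEexpression(inExpression.getLeftExpression(), buffer, result)) {
                errorInfo(expression, buffer, result);
                return false;
            }
            buffer.append(" IN (");
            // Only a plain expression list is accepted. The original cast the right-hand side
            // to ExpressionList unconditionally, so "IN (sub-select)" was rejected only as a
            // side effect of a ClassCastException, and its explicit SubSelect check read a
            // variable that was never assigned.
            if (!(itemsList instanceof ExpressionList)) {
                errorInfo(expression, buffer, result);
                return false;
            }
            List<Expression> items = ((ExpressionList) itemsList).getExpressions();
            for (int i = 0; i < items.size(); i++) {
                if (i != 0) {
                    buffer.append(", ");
                }
                if (!judgEexpression(items.get(i), buffer, result)) {
                    return false;
                }
            }
            buffer.append(")");
        } else if (expression instanceof DoubleValue || expression instanceof LongValue
                || expression instanceof DateValue || expression instanceof TimeValue
                || expression instanceof TimestampValue) {
            buffer.append(expression.toString());
            return true;
        } else if (expression instanceof StringValue) {
            buffer.append("\'" + expression.toString() + "\'");
            return true;
        }
        // NOTE(review): an expression type that matched none of the branches above is accepted
        // here, so a parser node type missing from the reject list passes unvalidated.
        // Consider rejecting by default once the set of allowed condition expressions is
        // confirmed.
        return true;
    }

    /**
     * Checks both operands of a binary operator and rebuilds {@code left separator right}.
     *
     * <p>A negated operator is refused without recording a position; the caller is expected
     * to handle a failure that carries no error data.
     */
    private boolean judgeBinary(BinaryExpression binary, String separator, StringBuilder buffer,
            ResultMap<ErrorMessage> result) {
        if (binary.isNot()) {
            return false;
        }
        if (!judgEexpression(binary.getLeftExpression(), buffer, result)) {
            return false;
        }
        buffer.append(separator);
        return judgEexpression(binary.getRightExpression(), buffer, result);
    }

    /**
     * Tests one name part against the naming rule.
     *
     * <p>Despite the method name, {@code true} means the name is acceptable: it consists only
     * of ASCII letters, digits, {@code '.'} and underscores, does not start or end with an
     * underscore, and contains no two consecutive underscores. An empty string is refused.
     *
     * <p>NOTE(review): the original comment also said a name may not start or end with
     * {@code '.'}; the pattern does not enforce that.
     *
     * @param str the name part; must not be {@code null}
     * @return {@code true} if the name satisfies the rule
     */
    public boolean isSpecialChar(String str) {
        String regEx = "^(?!_)(?!.*?_$)([a-zA-Z0-9.]|_(?!_))+$";
        return str.matches(regEx);
    }

    /**
     * Tests every name part against the naming rule.
     *
     * @param strs the name parts; must not be {@code null}
     * @return {@code true} if all parts satisfy {@link #isSpecialChar(String)}
     */
    public boolean isSpecialChar(List<String> strs) {
        for (String name : strs) {
            if (!isSpecialChar(name)) {
                return false;
            }
        }
        return true;
    }

    /**
     * Validates the field fragment carried by a request.
     *
     * @param bean the request; a missing user id or a blank field fragment yields
     *             {@code FAILED}
     * @return the validation result
     */
    @Override
    public ResultMap<ErrorMessage> verifyField(InputMap<RuleCheckDto> bean) {
        ResultMap<ErrorMessage> result = new ResultMap<>();
        // StringUtils.isBlank is null-safe, so no separate null checks are needed.
        if (bean == null || bean.getConfig() == null || StringUtils.isBlank(bean.getConfig().getUserId())
                || bean.getData() == null || StringUtils.isBlank(bean.getData().getFields())) {
            result.setCode(ErrorCodes.FAILED.getCode());
            result.setMsg(ErrorCodes.FAILED.getDesc());
            return result;
        }
        return verifyField(bean.getData().getFields());
    }

    /**
     * Validates the condition fragment carried by a request.
     *
     * @param bean the request; a missing user id or a blank condition yields {@code FAILED}
     * @return the validation result
     */
    @Override
    public ResultMap<ErrorMessage> verifyCondition(InputMap<RuleCheckDto> bean) {
        ResultMap<ErrorMessage> result = new ResultMap<>();
        // The original also required getFields() to be non-null here, which looks copied from
        // verifyField(InputMap): this method never reads the field fragment, so a
        // condition-only request was refused for no reason.
        if (bean == null || bean.getConfig() == null || StringUtils.isBlank(bean.getConfig().getUserId())
                || bean.getData() == null || StringUtils.isBlank(bean.getData().getCondition())) {
            result.setCode(ErrorCodes.FAILED.getCode());
            result.setMsg(ErrorCodes.FAILED.getDesc());
            return result;
        }
        return verifyCondition(bean.getData().getCondition());
    }

    /**
     * Validates a field fragment and, if it passes, an optional condition fragment.
     *
     * <p>The field fragment is mandatory. When no condition is given, the outcome of the field
     * check is the outcome of the whole call.
     *
     * @param field     the field fragment
     * @param condition the condition fragment; may be {@code null} or blank
     * @return the result of the first check that fails, otherwise the last check's result
     */
    @Override
    public ResultMap<ErrorMessage> verifySql(String field, String condition) {
        ResultMap<ErrorMessage> result = new ResultMap<>();
        if (StringUtils.isBlank(field)) {
            result.setCode(ErrorCodes.FAILED.getCode());
            result.setMsg(ErrorCodes.FAILED.getDesc());
            return result;
        }
        result = verifyField(field);
        if (result == null) {
            result = new ResultMap<>(ErrorCodes.FAILED);
        } else if (CommonConstant.SERVICE_SUCCESS.equals(result.getCode())) {
            if (StringUtils.isBlank(condition)) {
                return result;
            }
            result = verifyCondition(condition);
            if (result == null) {
                result = new ResultMap<>(ErrorCodes.FAILED);
            }
        }
        return result;
    }
}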
