@@ -21,6 +21,28 @@ def engine_specific_fields(self) -> list[str]:
2121 """Get the engine specific fields."""
2222 return [DatabaseEngineSpecificFields .DATABASE ]
2323
24+ @property
25+ def invalid_identifiers (self ) -> list [str ]:
26+ """Get the invalid identifiers upon which a sql query is rejected."""
27+
28+ return [
29+ "CURRENT_USER" , # Returns the name of the current user
30+ "SESSION_USER" , # Returns the name of the user that initiated the session
31+ "USER" , # Returns the name of the current user
32+ "CURRENT_ROLE" , # Returns the current role
33+ "CURRENT_DATABASE" , # Returns the name of the current database
34+ "CURRENT_SCHEMA()" , # Returns the name of the current schema
35+ "CURRENT_SETTING()" , # Returns the value of a specified configuration parameter
36+ "PG_CURRENT_XACT_ID()" , # Returns the current transaction ID
37+ # (if the extension is enabled) Provides a view of query statistics
38+ "PG_STAT_STATEMENTS()" ,
39+ "PG_SLEEP()" , # Delays execution by the specified number of seconds
40+ "CLIENT_ADDR()" , # Returns the IP address of the client (from pg_stat_activity)
41+ "CLIENT_HOSTNAME()" , # Returns the hostname of the client (from pg_stat_activity)
42+ "PGP_SYM_DECRYPT()" , # (from pgcrypto extension) Symmetric decryption function
43+ "PGP_PUB_DECRYPT()" , # (from pgcrypto extension) Asymmetric decryption function
44+ ]
45+
2446 async def query_execution (
2547 self ,
2648 sql_query : Annotated [str , "The SQL query to run against the database." ],
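Review bot: The entries in `invalid_identifiers` are inconsistent in form: some are bare names (`"CURRENT_USER"`, `"USER"`) and others carry literal parentheses (`"PG_SLEEP()"`, `"CURRENT_SETTING()"`), and the code that compares them against a query is outside this hunk. If that comparison is a literal or substring match, the parenthesised entries would not match a call that passes arguments, and a bare `"USER"` could reject harmless column names; `CLIENT_ADDR` and `CLIENT_HOSTNAME` are also columns of pg_stat_activity rather than functions, as their own comments hint. I would store bare names only, e.g. `"PG_SLEEP",  # delays execution; matched as a parsed function name`, and match them case-insensitively against parsed identifiers. A denylist like this cannot be complete, so the docstring should say it is defence in depth, for example `"""Identifiers that cause a query to be rejected; the connecting role must still be read-only and least-privileged."""`. The enclosing class begins outside the hunk.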