Skip to content

Commit a23e875

Browse files
ArtuomkaArtuomka
committed
refactor: streamline query safety validation using a connection type checker map
1 parent 5ef0134 commit a23e875

File tree

1 file changed

+19
-15
lines changed

1 file changed

+19
-15
lines changed

backend/src/entities/visualizations/saved-db-query/utils/check-query-is-safe.util.ts

Lines changed: 19 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -222,27 +222,31 @@ export function checkDynamoDbQueryIsSafe(query: string): QuerySafetyResult {
222222
return checkSqlQueryIsSafe(query);
223223
}
224224

225+
type QuerySafetyChecker = (query: string) => QuerySafetyResult;
226+
227+
const CONNECTION_TYPE_CHECKERS: ReadonlyMap<ConnectionTypesEnum, QuerySafetyChecker> = new Map([
228+
...SQL_CONNECTION_TYPES.map((type): [ConnectionTypesEnum, QuerySafetyChecker] => [type, checkSqlQueryIsSafe]),
229+
...MONGODB_CONNECTION_TYPES.map((type): [ConnectionTypesEnum, QuerySafetyChecker] => [type, checkMongoQueryIsSafe]),
230+
...ELASTICSEARCH_CONNECTION_TYPES.map((type): [ConnectionTypesEnum, QuerySafetyChecker] => [
231+
type,
232+
checkElasticsearchQueryIsSafe,
233+
]),
234+
...REDIS_CONNECTION_TYPES.map((type): [ConnectionTypesEnum, QuerySafetyChecker] => [type, checkRedisQueryIsSafe]),
235+
...DYNAMODB_CONNECTION_TYPES.map((type): [ConnectionTypesEnum, QuerySafetyChecker] => [
236+
type,
237+
checkDynamoDbQueryIsSafe,
238+
]),
239+
]);
240+
225241
export function validateQuerySafety(query: string, connectionType: ConnectionTypesEnum): void {
226-
let result: QuerySafetyResult;
227-
228-
if (MONGODB_CONNECTION_TYPES.includes(connectionType)) {
229-
result = checkMongoQueryIsSafe(query);
230-
} else if (ELASTICSEARCH_CONNECTION_TYPES.includes(connectionType)) {
231-
result = checkElasticsearchQueryIsSafe(query);
232-
} else if (REDIS_CONNECTION_TYPES.includes(connectionType)) {
233-
result = checkRedisQueryIsSafe(query);
234-
} else if (DYNAMODB_CONNECTION_TYPES.includes(connectionType)) {
235-
result = checkDynamoDbQueryIsSafe(query);
236-
} else if (SQL_CONNECTION_TYPES.includes(connectionType)) {
237-
result = checkSqlQueryIsSafe(query);
238-
} else {
239-
result = checkSqlQueryIsSafe(query);
240-
}
242+
const checker = CONNECTION_TYPE_CHECKERS.get(connectionType) ?? checkSqlQueryIsSafe;
243+
const result = checker(query);
241244

242245
if (!result.isSafe) {
243246
throw new BadRequestException(`Unsafe query: ${result.reason}. Only read-only queries are allowed.`);
244247
}
245248
}
249+
246250
function normalizeQuery(query: string): string {
247251
return query
248252
.replace(/--.*$/gm, '')

0 commit comments

Comments
 (0)