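import json
import re

from jinja2 import Template
from rest_framework.exceptions import ParseError

# Keywords that check_sql_safe() rejects. They are matched case-insensitively
# as plain substrings of the whole SQL text.
forbidden_keywords = ["UPDATE", "DELETE", "DROP", "TRUNCATE"]


def check_sql_safe(sql: str) -> str:
    """Reject SQL text that contains any keyword in ``forbidden_keywords``.

    The check is a case-insensitive substring test, so it has two limits a
    caller should know about:

    * It also rejects harmless identifiers that merely contain a keyword
      (for example a column named ``updated_at`` or ``is_deleted``).
    * It only covers the four listed keywords; other data- or
      schema-changing statements (``INSERT``, ``ALTER``, ...) pass through.

    Treat this as a coarse guard, not a security boundary: the query should
    still run under a database account that only has read privileges.

    Args:
        sql: The SQL text to inspect.

    Returns:
        ``sql`` unchanged when no forbidden keyword is found.

    Raises:
        ParseError: If any forbidden keyword occurs in ``sql``.
    """
    sql_upper = sql.upper()
    if any(kw in sql_upper for kw in forbidden_keywords):
        raise ParseError('sql查询有风险')
    return sql


def format_json_with_placeholders(json_str, **kwargs):
    """Replace ``{key}`` placeholders in ``json_str`` with JSON-encoded values.

    Every value is encoded with ``json.dumps`` and substituted in a single
    pass over the template. Substituted text is never rescanned, so a value
    that itself contains ``{other_key}`` stays literal data and cannot pull
    in the value of another parameter. (Chained ``str.replace`` calls would
    expand it and could also break the JSON quoting.)

    Placeholders are expected in JSON value position; the encoded value is
    inserted verbatim, including its own quotes for strings.

    Args:
        json_str: Template text containing ``{key}`` placeholders.
        **kwargs: Placeholder names mapped to JSON-serializable values.

    Returns:
        The template with placeholders substituted. The result is still a
        string; ``json.loads()`` is not applied to it.

    Raises:
        TypeError: If a value is not JSON serializable.
    """
    if not kwargs:
        return json_str

    # Encode every value up front so a non-serializable value raises even
    # when its placeholder does not occur in the template.
    rendered = {key: json.dumps(value) for key, value in kwargs.items()}

    # One alternation over all keys -> one left-to-right pass over the text.
    pattern = re.compile(
        r"\{(" + "|".join(re.escape(key) for key in rendered) + r")\}"
    )
    # A callable replacement keeps backslashes in the encoded value literal.
    return pattern.sub(lambda match: rendered[match.group(1)], json_str)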