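import re

from apps.bi.models import Dataset, Report
from apps.utils.decorators import auto_log
from rest_framework.exceptions import ParseError

# Keywords rejected wherever they occur in the upper-cased text, including
# inside a longer identifier or a string literal (so a column named
# "updated_at" is refused as well). This deliberately over-blocks.
forbidden_keywords = ["UPDATE", "DELETE", "DROP", "TRUNCATE"]

# Further write / DDL / privilege keywords that the list above does not cover.
# They are matched as whole words only, so identifiers such as "created_at"
# or "create_time" are still accepted.
_FORBIDDEN_STATEMENT_RE = re.compile(r"\b(?:INSERT|ALTER|CREATE|GRANT|REVOKE)\b")


def check_sql_safe(sql: str):
    """Reject SQL text that contains a data-modifying or DDL keyword.

    The check is a case-insensitive keyword scan, not a SQL parser, so it
    cannot serve as a security boundary on its own.
    NOTE(review): this file does not show how the returned text is executed;
    the connection that runs it should use a read-only database role so that
    a statement this scan misses still cannot write. Confirm at the caller.

    Args:
        sql: The SQL text submitted for execution.

    Returns:
        The unchanged ``sql`` string when no forbidden keyword is found.

    Raises:
        ParseError: If ``sql`` is not a string, or if it contains any entry
            of ``forbidden_keywords`` as a substring, or one of INSERT,
            ALTER, CREATE, GRANT or REVOKE as a whole word.
    """
    # A missing or non-string value used to fail with AttributeError on
    # .upper(); reject it the same way as any other unacceptable query.
    if not isinstance(sql, str):
        raise ParseError('sql查询有风险')

    sql_upper = sql.upper()

    # Substring match, kept as broad as the original check.
    if any(kw in sql_upper for kw in forbidden_keywords):
        raise ParseError('sql查询有风险')

    # Whole-word match for the statement types the list above leaves out.
    if _FORBIDDEN_STATEMENT_RE.search(sql_upper):
        raise ParseError('sql查询有风险')

    return sql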