diff --git a/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java b/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java index 17fe414547..edde0d2570 100644 --- a/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java +++ b/core/core-backend/src/main/java/io/dataease/datasource/server/DatasourceServer.java @@ -1089,6 +1089,11 @@ public class DatasourceServer implements DatasourceApi { if (ObjectUtils.isEmpty(tableName) || ObjectUtils.isEmpty(id)) { return null; } + DatasetTableDTO datasetTableDTO = new DatasetTableDTO(); + datasetTableDTO.setDatasourceId(id); + if (!getTables(datasetTableDTO).stream().map(DatasetTableDTO::getTableName).collect(Collectors.toList()).contains(tableName)) { + DEException.throwException(Translator.get("i18n_invalid_table_name")); + } String sql = "SELECT * FROM `" + tableName + "`"; sql = new String(Base64.getEncoder().encode(sql.getBytes())); PreviewSqlDTO previewSqlDTO = new PreviewSqlDTO(); diff --git a/core/core-backend/src/main/resources/i18n/core_en_US.properties b/core/core-backend/src/main/resources/i18n/core_en_US.properties index 9c8cd9a316..20f0ac6741 100644 --- a/core/core-backend/src/main/resources/i18n/core_en_US.properties +++ b/core/core-backend/src/main/resources/i18n/core_en_US.properties @@ -215,4 +215,5 @@ i18n_unsupported_protocol=Unsupported protocol! i18n_excel_error_first_row=Empty cells are not allowed in the middle of the first row! i18n_app_error_no_api=Currently, API and Lark data sources are not supported. i18n_resource_not_exists=Resource does not exist or has been deleted... -i18n_field_name_limit_100=Field name cannot exceed 100 characters \ No newline at end of file +i18n_field_name_limit_100=Field name cannot exceed 100 characters +i18n_invalid_table_name=Invalid table name! diff --git a/core/core-backend/src/main/resources/i18n/core_zh_CN.properties b/core/core-backend/src/main/resources/i18n/core_zh_CN.properties index 7017469514..cf16de39f3 100644 --- a/core/core-backend/src/main/resources/i18n/core_zh_CN.properties +++ b/core/core-backend/src/main/resources/i18n/core_zh_CN.properties @@ -214,4 +214,5 @@ i18n_unsupported_protocol=\u4E0D\u652F\u6301\u7684\u534F\u8BAE\uFF01 i18n_excel_error_first_row=\u9996\u884C\u884C\u4E2D\u4E0D\u5141\u8BB8\u6709\u7A7A\u5355\u5143\u683C\uFF01 i18n_app_error_no_api=\u5F53\u524D\u4E0D\u652F\u6301API\u548C\u98DE\u4E66\u6570\u636E\u6E90 i18n_resource_not_exists=\u8D44\u6E90\u4E0D\u5B58\u5728\u6216\u5DF2\u7ECF\u88AB\u5220\u9664... -i18n_field_name_limit_100=\u5b57\u6bb5\u540d\u79f0\u4e0d\u80fd\u8d85\u8fc7100\u5b57\u7b26 \ No newline at end of file +i18n_field_name_limit_100=\u5b57\u6bb5\u540d\u79f0\u4e0d\u80fd\u8d85\u8fc7100\u5b57\u7b26 +i18n_invalid_table_name=\u65e0\u6548\u7684\u8868\u540d\uff01 diff --git a/core/core-backend/src/main/resources/i18n/core_zh_TW.properties b/core/core-backend/src/main/resources/i18n/core_zh_TW.properties index 1add57902a..5807e607e6 100644 --- a/core/core-backend/src/main/resources/i18n/core_zh_TW.properties +++ b/core/core-backend/src/main/resources/i18n/core_zh_TW.properties @@ -214,4 +214,5 @@ i18n_unsupported_protocol=\u4E0D\u652F\u63F4\u7684\u5354\u8B70\uFF01 i18n_excel_error_first_row=\u9996\u884C\u884C\u4E2D\u4E0D\u5141\u8A31\u6709\u7A7A\u5132\u5B58\u683C\uFF01 i18n_app_error_no_api=\u7576\u524D\u4E0D\u652F\u63F4API\u548C\u98DB\u66F8\u6578\u64DA\u6E90 i18n_resource_not_exists=\u8CC7\u6E90\u4E0D\u5B58\u5728\u6216\u5DF2\u7D93\u88AB\u522A\u9664... -i18n_field_name_limit_100=\u5b57\u6bb5\u540d\u7a31\u4e0d\u80fd\u8d85\u904e100\u5b57\u7b26 \ No newline at end of file +i18n_field_name_limit_100=\u5b57\u6bb5\u540d\u7a31\u4e0d\u80fd\u8d85\u904e100\u5b57\u7b26 +i18n_invalid_table_name=\u65e0\u6548\u7684\u8868\u540d\uff01