public/dataease
1
0
Fork 0
mirror of https://github.com/dataease/dataease.git synced 2026-06-15 19:02:03 +08:00
Code Issues Packages Projects Releases Wiki Activity

fix: 修复SQL预览漏洞

Browse Source
This commit is contained in:
junjun
2026-06-01 10:45:18 +08:00
parent 6b1fa2c506
commit 7b47af38b8
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
sdk/api/api-base/src/main/java/io/dataease/api/dataset/DatasetDataApi.java
View File

@@ -3,6 +3,7 @@ package io.dataease.api.dataset;
import com.github.xiaoymin.knife4j.annotations.ApiSupport;
import io.dataease.api.dataset.dto.*;
import io.dataease.api.dataset.union.DatasetGroupInfoDTO;
import io.dataease.auth.DePermit;
import io.dataease.extensions.datasource.dto.DatasetTableDTO;
import io.dataease.extensions.datasource.dto.DatasetTableFieldDTO;
import io.swagger.v3.oas.annotations.Operation;
@@ -28,6 +29,7 @@ public interface DatasetDataApi {
List<DatasetTableFieldDTO> tableField(@RequestBody DatasetTableDTO datasetTableDTO) throws Exception;
@Operation(summary = "SQL预览")
@DePermit({"#p0.datasourceId+':read'"})
@PostMapping("previewSql")
Map<String, Object> previewSql(@RequestBody PreviewSqlDTO dto) throws Exception;