SQL语句的解析,规则匹配,标准化

    /**
     * 将字段/表名加上转义符``
     *
     * @return
     */
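    public static String transformSqlFormat(String name) {
        // Quotes one column/table name as a backtick-delimited identifier.
        //
        // A backtick inside the name is doubled, which is how MySQL escapes the
        // delimiter within a quoted identifier. Without this, a name containing a
        // backtick would end the quoting early and the rest of the name would be
        // parsed as SQL text.
        //
        // A null name is rendered as the text "null", as StringBuffer.append did.
        //
        // NOTE(review): quoting is not a substitute for checking names that come
        // from user input against the known schema (allowlist of tables/columns).
        String escaped = String.valueOf(name).replace("`", "``");
        return "`" + escaped + "`";
    }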

    /**
     * 将字段/表名列表加上转义符``,并用逗号隔开
     *
     * @return
     */
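    public static String transformSqlFormat(List<String> names) {
        // Quotes every column/table name with backticks and joins them with
        // commas, e.g. [a, b] becomes `a`,`b`.
        //
        // Each name has its embedded backticks doubled (MySQL identifier escaping)
        // before it is joined, so a name cannot close the quoting early or forge
        // the "`,`" separator between two names.
        //
        // A null element contributes an empty name and an empty list yields ``.
        // A null list throws NullPointerException.
        //
        // NOTE(review): names that originate from user input should still be
        // validated against the known schema; quoting only keeps them syntactically
        // inside an identifier.
        StringBuilder quoted = new StringBuilder("`");
        boolean first = true;
        for (String name : names) {
            if (!first) {
                quoted.append("`,`");
            }
            first = false;
            if (name != null) {
                quoted.append(name.replace("`", "``"));
            }
        }
        return quoted.append("`").toString();
    }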
/**
     * @return java.lang.String
     * @Annotion 过滤sql中的注释
     * @Author ZhiWen
     * @Date 2020-05-14
     * @Param [sqlText]
     */
    public static String filterAnnotate(String sqlText) {
        // Step 1: strip SQL comments. SqlConst.REG_SQL_ANNOTATE captures
        // single-quoted literals in group 1, so replacing every match with "$1"
        // puts literals back unchanged while comment matches (where group 1 did not
        // participate) are replaced with nothing.
        // NOTE(review): only single-quoted literals are protected by the pattern;
        // comment markers inside double-quoted or backtick-quoted text, and
        // backslash-escaped quotes, are not recognised. Confirm this is acceptable
        // for the SQL dialects in use, and do not treat this normalisation as an
        // access control.
        String withoutComments = Pattern.compile(SqlConst.REG_SQL_ANNOTATE)
                .matcher(sqlText)
                .replaceAll("$1");

        // Step 2: flatten the statement onto a single line.
        String singleLine = withoutComments.replaceAll(SqlConst.NEW_LINE_CHAR, SqlConst.SPACE);

        // Step 3: collapse any run of semicolons (and the whitespace following
        // them) into exactly one semicolon.
        return singleLine.replaceAll("(;+\\s*)+", SqlConst.SEMICOLON);
    }

    /**
     * @return void
     * @Annotion 检查敏感操作
     * @Author ZhiWen
     * @Date 2020-05-14
     * @Param [sql]
     */
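    public static void checkSensitiveSql(String sql) throws ServerException {
        // Rejects a statement when it contains one of the keywords listed in
        // SqlConst.REG_SENSITIVE_SQL, throwing ServerException that names the first
        // keyword found (upper-cased).
        //
        // Case folding uses Locale.ROOT in both directions. The no-argument
        // toLowerCase()/toUpperCase() follow the JVM default locale, under which
        // some letters (for example "I" in Turkish locales) do not fold to the
        // ASCII form the pattern expects, so the check would depend on where the
        // server happens to run.
        //
        // NOTE(review): this is a keyword denylist applied to raw text. It is a
        // best-effort guard, not an authorisation boundary; the connection used to
        // run user-supplied SQL should itself be limited to read-only privileges.
        Matcher matcher = Pattern.compile(SqlConst.REG_SENSITIVE_SQL)
                .matcher(sql.toLowerCase(java.util.Locale.ROOT));
        if (matcher.find()) {
            String keyword = matcher.group().toUpperCase(java.util.Locale.ROOT);
            throw new ServerException("此操作不被允许: " + keyword);
        }
    }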


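/**
 * Shared string constants: punctuation, token/header keys, validation regexes,
 * directory fragments and SQL/JDBC format templates.
 *
 * <p>NOTE(review): the lower-case fields at the bottom of the class are public,
 * static and not final, so any code can reassign them at runtime. They are left
 * non-final here to keep the class source-compatible with existing callers;
 * consider making them final once it is confirmed nothing assigns to them.
 */
public class SqlConst {

    /**
     * Punctuation and special symbols.
     */
    public static final String COMMA = ",";

    public static final String SLASH = "/";

    public static final String SPACE = " ";

    public static final String EMPTY = "";

    public static final String SEMICOLON = ";";

    public static final String QUESTION_MARK = "?";

    public static final String SQL_URL_SEPARATOR = "&";

    public static final String AT_SYMBOL = "@";

    public static final String OCTOTHORPE = "#";

    public static final String PERCENT_SIGN = "%";

    public static final String NEW_LINE_CHAR = "\n";

    public static final String COLON = ":";

    public static final String MINUS = "-";

    public static final String UNDERLINE = "_";

    public static final char CSV_HEADER_SEPARATOR = ':';

    public static final char DELIMITER_START_CHAR = '<';

    public static final char DELIMITER_END_CHAR = '>';

    public static final String PARENTHESES_START = "(";

    public static final String PARENTHESES_END = ")";

    public static final String SQUARE_BRACKET_START = "[";

    public static final String SQUARE_BRACKET_END = "]";

    public static final String DOT = ".";

    public static final char ASSIGNMENT_CHAR = '=';

    public static final char DOLLAR_DELIMITER = '$';

    public static final String MYSQL_KEY_DELIMITER = "`";

    public static final String APOSTROPHE = "'";

    public static final String DOUBLE_QUOTES = "\"";

    // Despite the name, the runtime value is a single backslash character.
    public static final String DOUBLE_SLASH = "\\";


    /**
     * Key for the current user.
     */
    public static final String CURRENT_USER = "CURRENT_USER";


    /**
     * Key for the current platform.
     */
    public static final String CURRENT_PLATFORM = "CURRENT_PLATFORM";


    /**
     * Auth code key.
     */
    public static final String AUTH_CODE = "authCode";


    /**
     * Token prefix.
     */
    public static final String TOKEN_PREFIX = "Bearer";

    /**
     * Name of the HTTP header that carries the token.
     */
    public static final String TOKEN_HEADER_STRING = "Authorization";

    /**
     * Token key: user name.
     */
    public static final String TOKEN_USER_NAME = "token_user_name";

    /**
     * Token key: password.
     *
     * <p>NOTE(review): if this names a claim stored inside an issued token,
     * confirm that no plaintext password is placed there; signed tokens are
     * typically readable by whoever holds them.
     */
    public static final String TOKEN_USER_PASSWORD = "token_user_password";

    /**
     * Token key: creation time.
     */
    public static final String TOKEN_CREATE_TIME = "token_create_time";


    public static final String SCHEDULE_JOB_DATA_KEY = "scheduleJobs";

    /**
     * Common image file-name suffixes.
     *
     * <p>The dot before the suffix is escaped and hoisted out of the alternation,
     * so a literal "." is required. Previously each alternative began with an
     * unescaped ".", which matches any character, so a name such as "fooXjpg"
     * passed. A suffix check says nothing about the file's actual content.
     */
    public static final String REG_IMG_FORMAT = "^.+\\.(JPEG|jpeg|JPG|jpg|PNG|png|GIF|gif)$";

    /**
     * E-mail address format.
     *
     * <p>The dot that ends each domain label is escaped. Previously it was an
     * unescaped ".", which matches any character, so the pattern accepted
     * addresses with no dot in the domain and gave the regex engine overlapping
     * ways to split the domain.
     */
    public static final String REG_EMAIL_FORMAT = "^[a-z_0-9.-]{1,64}@([a-z0-9-]{1,200}\\.){1,5}[a-z]{1,6}$";

    /**
     * Sensitive SQL operations: each keyword followed by one whitespace character.
     *
     * <p>NOTE(review): a keyword denylist over raw SQL text is best-effort. The
     * authoritative control should be the privileges of the database account that
     * executes the statement.
     */
    public static final String REG_SENSITIVE_SQL = "drop\\s|alter\\s|grant\\s|insert\\s|replace\\s|delete\\s|truncate\\s|update\\s|remove\\s|rename\\s";


    /**
     * Regex matching SQL comments, including multi-line ones.
     *
     * <p>Group 1 captures a single-quoted literal so that a replacement of "$1"
     * keeps literals intact. The other alternatives match a "--" comment up to the
     * end of its line and a block comment whose body contains no '+' character;
     * block comments containing '+' are therefore left in place (presumably to
     * preserve optimizer hints; confirm).
     */
    public static final String REG_SQL_ANNOTATE = "(?ms)('(?:''|[^'])*')|--.*?$|/\\*[^+]*?\\*/";


    public static final String DIR_DOWNLOAD = File.separator + "download" + File.separator;

    public static final String DIR_EMAIL = File.separator + "email" + File.separator;

    public static final String DIR_TEMPL = File.separator + "tempFiles" + File.separator;

    public static final String HTTP_PROTOCOL = "http";

    public static final String HTTPS_PROTOCOL = "https";

    public static final String PROTOCOL_SEPARATOR = "://";


    // Format templates with a %s slot for an inner SQL statement.
    // NOTE(review): presumably filled via String.format, which splices the
    // statement in verbatim; the inner SQL must be vetted before it gets here.
    public static final String QUERY_COUNT_SQL = "SELECT COUNT(*) FROM (%s) CT";

    public static final String QUERY_META_SQL = "SELECT * FROM (%s) MT WHERE 1=0";
    /**
     * Number of occurrences of a column name.
     */
    public static final Integer COL_COUNT = 2;
    /**
     * Regex capturing the text between "select" and "from"; used to decide
     * whether a statement selects everything with "*".
     */
    public static final String ANY_QUERYPARAM = "^select(.*)from";
    /**
     * The "*" symbol.
     */
    public static final String ANY_SYMBOL = "*";
    /**
     * Oracle connection modes.
     */
    public static final String ORACLE_SERVICE = "SERVICE_NAME";
    public static final String ORACLE_SID = "SID";
    /**
     * Regex for a SQL alias.
     */
    public static final String SQLALIAS = "\\s+(as\\s+)?(.*?)\\s";
    /**
     * MySQL JDBC URL (format template).
     */
    public static String mysqlUrl = "jdbc:mysql://%s/%s?tinyInt1isBit=false";
    /**
     * Hive JDBC URL (format template).
     */
    public static String hiveUrl = "jdbc:hive2://%s/%s";
    /**
     * Oracle JDBC URL (format templates).
     * Format 1 (service name): jdbc:oracle:thin:@//host:port/service_name
     * Format 2 (SID): jdbc:oracle:thin:@host:port:SID
     * Example: jdbc:oracle:thin:@//127.0.0.1:1521/system
     * (jdbc:oracle:thin:@//{ip}:{port, default 1521}/dbser2)
     */
    public static String oracleUrl = "jdbc:oracle:thin:@//%s/%s";
    public static String oracleSidUrl = "jdbc:oracle:thin:@%s:%s";
    /**
     * Query SQL template 1.
     *
     * <p>NOTE(review): all three slots are spliced in as raw SQL text; column
     * lists and trailing clauses built from user input need quoting/validation
     * before formatting.
     */
    public static String querySql1 = "select %s from (%s) as t %s";
    /**
     * CREATE TABLE fragment: date column.
     */
    public static String dateColumn = "%s datetime NULL  DEFAULT NULL,";
    /**
     * CREATE TABLE fragment: amount (decimal) column.
     */
    public static String decimalColumn = " %s decimal(10,2) DEFAULT NULL,";
    /**
     * CREATE TABLE fragment: numeric (bigint) column.
     */
    public static String bigintColumn = " %s bigint(20) DEFAULT NULL,";
}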
