英文:
Restricting tables for the package "laravel-ask-database"
问题
我是新来的 Laravel 开发领域,我遇到了一个用于生成数据库自然查询的包,叫做 "laravel-ask-database",是否有办法限制这个包可以访问哪些表格?
英文:
I'm new to the world of laravel development I came across a package to generate natural queries for the database called "laravel-ask-database", is there a way I can restrict which tables this package has access to?
答案1
得分: 1
【laravel-ask-database】从数据库模式获取所有表列表 第34行:
protected function getTables(string $question): array
{
return once(function () use ($question) {
$tables = DB::connection($this->connection)
->getDoctrineSchemaManager()
->listTables();
if (count($tables) < config('ask-database.max_tables_before_performing_lookup')) {
return $tables;
}
return $this->filterMatchingTables($question, $tables);
});
}
没有可配置的过滤器。但是,为了保护表,您可以创建一个名为laravel-ask-database
的额外的MySQL用户,并设置特定表的权限。
要将自定义的laravel-ask-database
连接添加到config/database.php
,请使用以下配置:
'connections' => [
...
'laravel-ask-database' => [
'driver' => 'mysql',
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'forge'),
'username' => 'laravel-ask-database',
'password' => ...,
...
],
...
]
然后,通过.env
文件更改ask-database.connection
(config/ask-database.php)的默认值:
ASK_DATABASE_DB_CONNECTION=laravel-ask-database
这将不会保护受限制的表的SQL查询构建,但会保护对它们的访问。
替代方法:
- 分支项目或创建拉取请求。
- 避免在提示中使用受限制的表名。
希望这对您有帮助。
英文:
The laravel-ask-database is getting the all table list from db schema line 34:
protected function getTables(string $question): array
{
return once(function () use ($question) {
$tables = DB::connection($this->connection)
->getDoctrineSchemaManager()
->listTables();
if (count($tables) < config('ask-database.max_tables_before_performing_lookup')) {
return $tables;
}
return $this->filterMatchingTables($question, $tables);
});
}
And there is no configurable filter. However, as an option to protect tables, you can create an additional MySQL user named laravel-ask-database
with custom-specific table privileges.
To add the custom laravel-ask-database
connection to config/database.php, use the following configuration:
'connections' => [
...
'laravel-ask-database' => [
'driver' => 'mysql',
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'forge'),
'username' => 'laravel-ask-database',
'password' => ...,
...
],
...
]
next change the default value of ask-database.connection
(config/ask-database.php) via .env
file:
ASK_DATABASE_DB_CONNECTION=laravel-ask-database
This will not protect the construction of SQL queries for restricted tables, but it will protect access to them.
Alternative ways:
- Fork the project or make a pull request.
- Avoid using restricted table names in prompts.
hope this helps you
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论