1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
//! Security validation layer for query filters and SQL identifiers.
//!
//! This module provides validation for:
//! - User-provided filters (field whitelisting, operator blacklisting)
//! - SQL identifiers (table names, column names) to prevent injection
//! - Nesting depth limits for complex queries
//!
//! # Example
//!
//! ```
//! use mik_sql::{FilterValidator, merge_filters, Filter, Operator, Value};
//!
//! // Create validator with security rules
//! let validator = FilterValidator::new()
//! .allow_fields(&["name", "email", "status"])
//! .deny_operators(&[Operator::Regex, Operator::ILike])
//! .max_depth(3);
//!
//! // System/policy filters (trusted, no validation)
//! let trusted = vec![
//! Filter::new("org_id", Operator::Eq, Value::Int(123)),
//! Filter::new("deleted_at", Operator::Eq, Value::Null),
//! ];
//!
//! // User-provided filters (validated)
//! let user = vec![
//! Filter::new("status", Operator::Eq, Value::String("active".into())),
//! ];
//!
//! // Merge with validation
//! let filters = merge_filters(trusted, user, &validator).unwrap();
//! assert_eq!(filters.len(), 3);
//! ```
// Re-export all public items
pub use ;
pub use ;
pub use ;