sqlx-query-dsl 0.1.1

A query DSL extension for SQLx

/// Allow-list of field names.
///
/// Used to validate field names while building dynamic SQL, as a guard
/// against SQL injection through identifiers.
///
/// This type only reports membership. It does not quote or escape
/// anything, so the protection depends on every caller-supplied field
/// name passing through [`FieldWhitelist::check`] before it reaches the
/// SQL text.
pub struct FieldWhitelist {
    // Permitted field names; `check` compares against these verbatim.
    allowed: &'static [&'static str],
}

impl FieldWhitelist {
    /// Creates a new allow-list instance.
    ///
    /// * `allowed` - static slice of the field names that are permitted.
    ///   An empty slice yields an allow-list that rejects every field.
    pub fn new(allowed: &'static [&'static str]) -> Self {
        FieldWhitelist { allowed }
    }

    /// Checks whether `field` is on the allow-list.
    ///
    /// The comparison is exact string equality: it is case-sensitive and
    /// performs no trimming or normalisation, so `"ID"` and `"id "` do not
    /// match an entry `"id"`.
    ///
    /// # Errors
    ///
    /// Returns `Err` (rather than panicking) with a message of the form
    /// `Illegal field: <field>` when the name is not permitted. The
    /// rejected name is embedded unmodified; treat the message as
    /// untrusted input if it is logged or returned to a client.
    pub fn check(&self, field: &str) -> Result<(), String> {
        let is_permitted = self.allowed.iter().any(|candidate| *candidate == field);
        if is_permitted {
            Ok(())
        } else {
            Err(format!("Illegal field: {}", field))
        }
    }
}