i dZddlmZddlZdZej dej Zej dej Zej dej Z d dZ d d Z efd d Z y)zZ Shared validation for LLM-generated SQL (deep analysis tool + Pydantic reasoner output). ) annotationsNdz\b(MERGE|INSERT|UPDATE|DELETE|DROP|ALTER|CREATE|TRUNCATE|GRANT|REVOKE|EXEC|EXECUTE|OPENROWSET|BULK\s+INSERT|WAITFOR|SHUTDOWN|BACKUP|RESTORE|DBCC|KILL)\bz(\bSELECT\b[\s\S]*?\bINTO\s+(?:#|\[|@|\w)zX;\s*\b(WITH|SELECT|INSERT|UPDATE|DELETE|MERGE|CREATE|DROP|ALTER|TRUNCATE|EXEC|EXECUTE)\bc|yt|j}|jdr%|ddj}|jdr%|j j dj }|S)zOStrip whitespace, leading batch semicolons, and trailing statement terminators.N;)strstrip startswithlstriprstrip)queryss G/var/www/html/userprofiledev.eatanceapp.com/deep_analysis/sql_safety.pynormalize_llm_sqlr#sk } E A ,,s  abELLN ,,s   #%%'A Hcb|t|jsyt|}|sytj |ryt j |ryt j |ry|j}|j}|jds|jdsyy) zl Return an error message if ``query`` is not allowed for the read-only tool. Return None if OK. NzQuery is empty.zJOnly one SQL statement is allowed (no extra statements after a semicolon).zVQuery contains forbidden SQL; only read-only SELECT (optionally with WITH) is allowed.zSELECT INTO is not allowed.SELECTWITHz+Query must begin with SELECT or WITH (CTE).) r r r _MULTI_STMTsearch _FORBIDDEN _SELECT_INTOr upperr )rqleadlus rvalidate_llm_sqlr.s  }CJ,,. % A  ![g1, 88:D B MM( #r}}V'<< rct|}|jj}|jdrd|Sd|d|dS)uH Limit rows for plain ``SELECT`` by wrapping in ``SELECT TOP (n) * FROM ( … )``. ``WITH`` (CTE) queries cannot be placed inside that subquery in SQL Server ("Incorrect syntax near 'WITH'"); those are returned unchanged (leading ``;`` for batch safety). Callers should cap result rows in application code. rrz SELECT TOP (z ) * FROM ( z ) AS _eatance_sub)rr rr )rninnerrs rmssql_wrap_top_subqueryr"EsP e $E    B }}V5'{ !L/B CCr)rr returnr )rr r#z str | None)rr r intr#r ) __doc__ __future__rreMAX_SQL_TOOL_ROWScompile IGNORECASErrrrrr"rrr,s# RZZ MM  rzz/MM bjj_MM  .2C Dr