Possible to prevent INSERT, UPDATE, DROP, TRUNCATE, ALTER etc statements in TacQueryBuilder and TacSQLTextEditor?
Hello. I need to prevent users from making any changes at all to the database - DML or DDL. Strictly read only.
Is there a way to limit SQL to SELECT only?
Sorry for the late response.
You can prevent this with Active Query Builder by setting the QueryBuilder.BehaviorOpttions.AllowSleepMode to False.
In the current version, AQB can build SELECT statements only. But depending on the AllowSleepMode property, AQB can pass other types of statements assigned to the QueryBuilder.SQL property to the output or deny this.
If the AllowSleepMode is True, AQB passes other types of statements through the QueryBuilder.SQL property.
If the AllowSleepMode is False, it raises an exception on assigning a non-SELECT statement to it. This way, the only thing you can read from the QueryBuilder.SQL property is a valid SELECT statement. Nothing else. In some SQL syntaxes, it is possible to add the INTO clause to modify the data. You deny this clause by setting the SyntaxProvider.DenyIntoClause property to True.
When we add support for other statements, this will be a major update, and we'll make a property to maintain backward compatibility with the previous behavior.