govtnz/silverstripe-sqlexplorer

A SilverStripe module to provide read-only access to a database for suitably privileged users.

Installs: 635

Dependents: 0

Suggesters: 0

Security: 0

Stars: 4

Watchers: 10

Forks: 0

Open Issues: 2

Type:silverstripe-vendormodule

2.0.1 2019-08-26 21:31 UTC

This package is auto-updated.

Last update: 2024-11-27 10:14:31 UTC


README

Version License

SQL Explorer is a simple module that provides read-only access to database tables, and read-only SQL statements. It is intended for deployment in production environments, with restricted user access.

The tools is designed to facilite adhoc queries on a production database, where access is otherwise limited.

WARNING

Before installing this module, it is recommended that you consult with technical governance within your organisation as applicable.

Restrictions

The tool imposes some restrictions from a security perspective:

  • SQL statements must be SELECT statements.
  • Certain table columns are excluded automatically from results, such as password hashes, salt, etc. In a future release this may be configurable.

Configuration

No configuration is required. However, you can set the following in config.yml:

  • require_explicit_permission if truthy, the SQL Explorer admin interface requires users explicitly have SQL_EXPLORER persmission. Without this extra control, any administrator can access it directly, which in some environment is undesirable. Default is false.

Future state:

  • Whitelist/blacklist specific tables or columns on tables.