Description
The parse_tables function only extracts tables from the main query level but doesn't traverse into subqueries.
Steps to Reproduce
INSTALL parser_tools FROM community;
LOAD parser_tools;
-- This query has two tables: schema1.users and schema2.orders
SELECT * FROM parse_tables('SELECT * FROM schema1.users WHERE id IN (SELECT user_id FROM schema2.orders)');Expected Result
┌─────────┬─────────┬─────────┐
│ schema │ table │ context │
├─────────┼─────────┼─────────┤
│ schema1 │ users │ from │
│ schema2 │ orders │ from │
└─────────┴─────────┴─────────┘
Actual Result
┌─────────┬─────────┬─────────┐
│ schema │ table │ context │
├─────────┼─────────┼─────────┤
│ schema1 │ users │ from │
└─────────┴─────────┴─────────┘
The table in the subquery (schema2.orders) is not included in the results.
Use Case
We're trying to use parser_tools for multi-tenant access control validation. We need to ensure queries only access allowed schemas, but the current behavior would allow a malicious subquery to bypass schema restrictions.
DuckDB Version
v1.4.4
Workaround
Currently using json_serialize_sql and manually walking the AST, but was hoping parser_tools could provide this functionality with a cleaner API.
Description
The
parse_tablesfunction only extracts tables from the main query level but doesn't traverse into subqueries.Steps to Reproduce
Expected Result
Actual Result
The table in the subquery (
schema2.orders) is not included in the results.Use Case
We're trying to use parser_tools for multi-tenant access control validation. We need to ensure queries only access allowed schemas, but the current behavior would allow a malicious subquery to bypass schema restrictions.
DuckDB Version
v1.4.4
Workaround
Currently using
json_serialize_sqland manually walking the AST, but was hoping parser_tools could provide this functionality with a cleaner API.