hhyo · woshiyanghai · Jul 18, 2024 · Jul 18, 2024 · Jul 19, 2024 · Jul 19, 2024
diff --git a/common/templates/config.html b/common/templates/config.html
@@ -304,6 +304,16 @@ <h5 style="color: darkgrey"><b>SQL上线</b></h5>
                                     </div>
                                 </div>
                             </div>
+                            <div class="form-group">
+                                <label for="affected_rows_limit"
+                                       class="col-sm-4 control-label">AFFECTED_ROWS_LIMIT</label>
+                                <div class="col-sm-5">
+                                    <input type="number" class="form-control" id="affected_rows_limit"
+                                           key="affected_rows_limit"
+                                           value="{{ config.affected_rows_limit }}"
+                                           placeholder="dml影响行数限制，超过行的语句禁止提交,默认100000000" />
+                                </div>
+                            </div>
                             <div class="form-group">
                                 <label for="ban_self_audit"
                                        class="col-sm-4 control-label">BAN_SELF_AUDIT</label>

diff --git a/sql/engines/mysql.py b/sql/engines/mysql.py
@@ -648,10 +648,14 @@ def execute_check(self, db_name=None, sql=""):
         # 禁用/高危语句检查
         critical_ddl_regex = self.config.get("critical_ddl_regex", "")
         ddl_dml_separation = self.config.get("ddl_dml_separation", False)
+        affected_rows_limit = int(
+            self.config.get("affected_rows_limit", 100000000)
+        )  # 影响最大行数限制默认100000000行
         p = re.compile(critical_ddl_regex)
         # 获取语句类型：DDL或者DML
         ddl_dml_flag = ""
         for row in check_result.rows:
+            affected_rows = row.affected_rows
             statement = row.sql
             # 去除注释
             statement = remove_comments(statement, db_type="mysql")
@@ -669,6 +673,16 @@ def execute_check(self, db_name=None, sql=""):
                 row.stagestatus = "驳回高危SQL"
                 row.errlevel = 2
                 row.errormessage = "禁止提交匹配" + critical_ddl_regex + "条件的语句！"
+            # dml影响行数超过限制,超过限制的dml必须拆分成小事务才可以提交,建议不打开REAL_ROW_COUNT
+            elif syntax_type == "DML" and affected_rows > affected_rows_limit:
+                check_result.error_count += 1
+                row.stagestatus = "驳回高危SQL"
+                row.errlevel = 2
+                row.errormessage = (
+                    "禁止提交匹配生产环境，禁止提交影响行数超过"
+                    + str(affected_rows_limit)
+                    + "行的dml语句!"
+                )
             elif ddl_dml_separation and syntax_type in ("DDL", "DML"):
                 if ddl_dml_flag == "":
                     ddl_dml_flag = syntax_type