From 6502cc43bfbc21ca3fa71ff175b5039ce8669af9 Mon Sep 17 00:00:00 2001
From: Artem Niehrieiev <r.tem@tuta.io>
Date: Fri, 6 Mar 2026 10:48:44 +0000
Subject: [PATCH] feat: log unsafe queries to Slack for better monitoring

---
 .../visualizations/panel/utils/check-query-is-safe.util.ts      | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/backend/src/entities/visualizations/panel/utils/check-query-is-safe.util.ts b/backend/src/entities/visualizations/panel/utils/check-query-is-safe.util.ts
index 363ba0cd6..fb7c9d1bf 100644
--- a/backend/src/entities/visualizations/panel/utils/check-query-is-safe.util.ts
+++ b/backend/src/entities/visualizations/panel/utils/check-query-is-safe.util.ts
@@ -1,5 +1,6 @@
 import { BadRequestException } from '@nestjs/common';
 import { ConnectionTypesEnum } from '@rocketadmin/shared-code/dist/src/shared/enums/connection-types-enum.js';
+import { slackPostMessage } from '../../../../helpers/index.js';
 
 const FORBIDDEN_SQL_KEYWORDS = [
 	'INSERT',
@@ -243,6 +244,7 @@ export function validateQuerySafety(query: string, connectionType: ConnectionTyp
 	const result = checker(query);
 
 	if (!result.isSafe) {
+		slackPostMessage(`Unsafe query: ${query}\nReason: ${result.reason}\nConnection Type: ${connectionType}`);
 		throw new BadRequestException(`Unsafe query: ${result.reason}. Only read-only queries are allowed.`);
 	}
 }