Allow leading comments in SQL input field (#653)

Thanks, @jaywgraves!

datasette/utils/__init__.py

@@ -174,6 +174,7 @@ disallawed_sql_res = [(re.compile("pragma"), "Statement may not contain PRAGMA")
 
 
 def validate_sql_select(sql):
+    sql = "\n".join(line for line in sql.split('\n') if not line.strip().startswith('--'))
     sql = sql.strip().lower()
     if not any(r.match(sql) for r in allowed_sql_res):
         raise InvalidSql("Statement must be a SELECT")

tests/test_utils.py

@@ -137,6 +137,8 @@ def test_custom_json_encoder(obj, expected):
     "bad_sql",
     [
         "update blah;",
+        "-- sql comment to skip\nupdate blah;",
+        "update blah set some_column='# Hello there\n\n* This is a list\n* of items\n--\n[And a link](https://github.com/simonw/datasette-render-markdown).'\nas demo_markdown",
         "PRAGMA case_sensitive_like = true" "SELECT * FROM pragma_index_info('idx52')",
     ],
 )
@@ -150,6 +152,8 @@ def test_validate_sql_select_bad(bad_sql):
     [
         "select count(*) from airports",
         "select foo from bar",
+        "--sql comment to skip\nselect foo from bar",
+        "select '# Hello there\n\n* This is a list\n* of items\n--\n[And a link](https://github.com/simonw/datasette-render-markdown).'\nas demo_markdown",
         "select 1 + 1",
         "explain select 1 + 1",
         "explain query plan select 1 + 1",