=== modified file 'dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java'
--- dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java 2015-02-12 19:37:50 +0000
+++ dhis-2/dhis-api/src/main/java/org/hisp/dhis/sqlview/SqlView.java 2015-02-17 23:04:46 +0000
@@ -141,7 +141,7 @@
 public static String getProtectedTablesRegex()
 {
- StringBuffer regex = new StringBuffer( "^.*?(" );
+ StringBuffer regex = new StringBuffer( "^.*?(\"|'|`|\\s|^)(" );
 for ( String table : PROTECTED_TABLES )
 {
@@ -150,12 +150,12 @@
 regex.delete( regex.length() - 1, regex.length() );
- return regex.append( ").*$" ).toString();
+ return regex.append( ")(\"|'|`|\\s|$).*$" ).toString();
 }
 public static String getIllegalKeywordsRegex()
 {
- StringBuffer regex = new StringBuffer( "^.*?(" );
+ StringBuffer regex = new StringBuffer( "^.*?(\\s|^)(" );
 for ( String word : ILLEGAL_KEYWORDS )
 {
@@ -164,7 +164,7 @@
 regex.delete( regex.length() - 1, regex.length() );
- return regex.append( ").*$" ).toString();
+ return regex.append( ")(\\s|$).*$" ).toString();
 }
 public SqlView cleanSqlQuery()
=== modified file 'dhis-2/dhis-services/dhis-service-administration/src/test/java/org/hisp/dhis/sqlview/SqlViewServiceTest.java'
--- dhis-2/dhis-services/dhis-service-administration/src/test/java/org/hisp/dhis/sqlview/SqlViewServiceTest.java 2015-02-12 19:37:50 +0000
+++ dhis-2/dhis-services/dhis-service-administration/src/test/java/org/hisp/dhis/sqlview/SqlViewServiceTest.java 2015-02-17 23:04:46 +0000
@@ -233,7 +233,7 @@
 @Test( expected = IllegalQueryException.class )
 public void testValidateProtectedTables()
 {
- SqlView sqlView = new SqlView( "Name", "select * from userinfo", true );
+ SqlView sqlView = new SqlView( "Name", "select * from userinfo where userinfoid=1", true );
 sqlViewService.validateSqlView( sqlView, null, null );
 }
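Review bot: The new boundary groups in getProtectedTablesRegex recognise only quotes, backticks, whitespace and start/end of input, so a protected table name that is directly followed by `;`, `,` or `)` or preceded by `.` or `(` no longer matches at all, which turns the substring false positive this hunk fixes into a false negative for the protection check; the same gap exists in the keyword boundaries of the -150 and -164 hunks. A word boundary covers those cases without reintroducing the substring match: `StringBuffer regex = new StringBuffer( "^.*?(^|\\W)(" );` and `return regex.append( ")(\\W|$).*$" ).toString();`, with the same `\\W` substituted for `\\s` in getIllegalKeywordsRegex. This presumes the entries of PROTECTED_TABLES and ILLEGAL_KEYWORDS are plain word characters; if any contain regex metacharacters they should be wrapped with `Pattern.quote` where they are appended. The loop that appends the names sits between the -141 and -150 hunks, outside what is shown here.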
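Review bot: Replacing the query in testValidateProtectedTables removes the only case where the protected table name is the last token of the statement, which is exactly the `$` alternative of the new trailing boundary group, so that branch of the regex is now untested. Keep the old `select * from userinfo` query as a second expected-exception test next to the new `where userinfoid=1` variant rather than swapping one for the other. Both methods would still assert only that IllegalQueryException is thrown, which is enough to pin both boundary alternatives.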
@@ -266,7 +266,7 @@
 }
 @Test
- public void testValidateSuccess()
+ public void testValidateSuccessA()
 {
 SqlView sqlView = new SqlView( "Name", "select * from dataelement where valueType = '${valueType}'", true );
@@ -275,4 +275,12 @@
 sqlViewService.validateSqlView( sqlView, null, variables );
 }
+
+ @Test
+ public void testValidateSuccessB()
+ {
+ SqlView sqlView = new SqlView( "Name", "select ug.name from usergroup ug where ug.name ~* '^OU\\s(\\w.*)\\sAgency\\s(\\w.*)\\susers$'", false );
+
+ sqlViewService.validateSqlView( sqlView, null, null );
+ }
 }
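Review bot: testValidateSuccessB asserts only that validateSqlView returns without throwing, and nothing in the method says which false positive it guards against; a reader cannot tell whether the regression was `usergroup`, the `\susers` inside the quoted pattern, or something else in that literal. A one-line comment above the SqlView construction would make the intent checkable, e.g. `// regression: a protected table name that is only a substring of another identifier must not be rejected` — assuming one of PROTECTED_TABLES is a prefix or suffix of `usergroup` or `users`, which should be confirmed against the constant. The `false` third constructor argument differs from the `true` used by the neighbouring tests; if that is deliberate, a word on why belongs in the same comment.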