babelfish-for-postgresql / babelfish_extensions / 11013575292
74%
BABEL_4_X_DEV: 75%

LAST BUILD BRANCH: babel_4891
DEFAULT BRANCH: BABEL_4_X_DEV
Ran
Jobs 1
Files 114
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 73.706% (-0.003%) from 73.709%
11013575292

push

github

web-flow 
Support Cross-database references in views (#2899) (#2956)

Support execution of views which references objects (tables/views/functions) from
across the databases. Here we are talking about Babelfish logical database (T-SQL database)
which is different from a physical Postgres database.
To support this, perform permission checks for cross database objects using session user (login)
instead of current_user (user of current T-SQL database). The reason login can be used for
permission check is since login is member of all it’s users, so it inherits all their permissions so it
will be able execute any cross database objects owned by its users.

This commit handles functions and tables/views separately for cross database permission
checks. For functions/procedures, a new hook `ExecFuncProc_AclCheck_hook` and for tables/views
existing `ExecutorStart_hook` will be used to decide whether to use session user or current_user
for permission check depending upon whether the object is from same or different database.
We will be using `is_schema_from_db` function to identify if the object is from different database
which performs a lookup into `babelfish_namespace_ext` catalog table which can be expensive as will
be doing it pretty frequently. So, added this table into SYSCACHE for better performance.
Tables/views permissions are handled slightly different than functions as we do not blindly want to check
the permissions against session user (current login) since permissions of RTEs inside a view are checked
against that view's owner which can very well be a user of some different database. So if we blindly check
permission against session user instead of view's owner then it would break view's ownership chaining.
Instead, we will replace `checkAsUser` with it's corresponding mapped login if present and only in cases
where `checkAsUser` is not set, we will replace it with session user (login). We are using login to allow cross
database queries ... (continued)

76 of 79 new or added lines in 2 files covered. (96.2%)

6 existing lines in 2 files now uncovered.

42832 of 58112 relevant lines covered (73.71%)

146238.65 hits per line

New Missed Lines in Diff

Lines Coverage File
1
84.99
 -0.37% contrib/babelfishpg_tsql/src/catalog.c
2
83.77
 0.17% contrib/babelfishpg_tsql/src/hooks.c

Uncovered Existing Lines

Lines Coverage File
1
73.66
 -0.21% contrib/babelfishpg_tsql/src/dbcmds.c
5
84.99
 -0.37% contrib/babelfishpg_tsql/src/catalog.c
Jobs
ID Job ID Ran Files Coverage
1 11013575292.1 114
73.71
 GitHub Action Run
Source Files on build 11013575292