Skip to content

Commit

Permalink
feat(spanner/spansql): add support for CREATE VIEW with SQL SECURITY …
Browse files Browse the repository at this point in the history
…DEFINER (#8754)

Co-authored-by: rahul2393 <irahul@google.com>
  • Loading branch information
toga4 and rahul2393 authored Jan 30, 2024
1 parent e577006 commit 5f156e8
Show file tree
Hide file tree
Showing 5 changed files with 93 additions and 15 deletions.
27 changes: 22 additions & 5 deletions spanner/spansql/parser.go
Original file line number Diff line number Diff line change
Expand Up @@ -1311,7 +1311,7 @@ func (p *parser) parseCreateView() (*CreateView, *parseError) {

/*
{ CREATE VIEW | CREATE OR REPLACE VIEW } view_name
SQL SECURITY INVOKER
SQL SECURITY {INVOKER | DEFINER}
AS query
*/

Expand All @@ -1328,7 +1328,23 @@ func (p *parser) parseCreateView() (*CreateView, *parseError) {
return nil, err
}
vname, err := p.parseTableOrIndexOrColumnName()
if err := p.expect("SQL", "SECURITY", "INVOKER", "AS"); err != nil {
if err := p.expect("SQL", "SECURITY"); err != nil {
return nil, err
}
tok := p.next()
if tok.err != nil {
return nil, tok.err
}
var securityType SecurityType
switch {
case tok.caseEqual("INVOKER"):
securityType = Invoker
case tok.caseEqual("DEFINER"):
securityType = Definer
default:
return nil, p.errorf("got %q, want INVOKER or DEFINER", tok.value)
}
if err := p.expect("AS"); err != nil {
return nil, err
}
query, err := p.parseQuery()
Expand All @@ -1337,9 +1353,10 @@ func (p *parser) parseCreateView() (*CreateView, *parseError) {
}

return &CreateView{
Name: vname,
OrReplace: orReplace,
Query: query,
Name: vname,
OrReplace: orReplace,
SecurityType: securityType,
Query: query,

Position: pos,
}, nil
Expand Down
32 changes: 28 additions & 4 deletions spanner/spansql/parser_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -904,8 +904,9 @@ func TestParseDDL(t *testing.T) {
Position: line(58),
},
&CreateView{
Name: "SingersView",
OrReplace: false,
Name: "SingersView",
OrReplace: false,
SecurityType: Invoker,
Query: Query{
Select: Select{
List: []Expr{ID("SingerId"), ID("FullName")},
Expand Down Expand Up @@ -1298,8 +1299,9 @@ func TestParseDDL(t *testing.T) {
&DDL{
Filename: "filename", List: []DDLStmt{
&CreateView{
Name: "SingersView",
OrReplace: true,
Name: "SingersView",
OrReplace: true,
SecurityType: Invoker,
Query: Query{
Select: Select{
List: []Expr{ID("SingerId"), ID("FullName"), ID("Picture")},
Expand Down Expand Up @@ -1686,6 +1688,28 @@ func TestParseDDL(t *testing.T) {
},
},
},
{
`CREATE VIEW vname SQL SECURITY DEFINER AS SELECT cname FROM tname;`,
&DDL{
Filename: "filename",
List: []DDLStmt{
&CreateView{
Name: "vname",
OrReplace: false,
SecurityType: Definer,
Query: Query{
Select: Select{
List: []Expr{ID("cname")},
From: []SelectFrom{SelectFromTable{
Table: "tname",
}},
},
},
Position: line(1),
},
},
},
},
}
for _, test := range tests {
got, err := ParseDDL("filename", test.in)
Expand Down
12 changes: 11 additions & 1 deletion spanner/spansql/sql.go
Original file line number Diff line number Diff line change
Expand Up @@ -100,10 +100,20 @@ func (cv CreateView) SQL() string {
if cv.OrReplace {
str += " OR REPLACE"
}
str += " VIEW " + cv.Name.SQL() + " SQL SECURITY INVOKER AS " + cv.Query.SQL()
str += " VIEW " + cv.Name.SQL() + " SQL SECURITY " + cv.SecurityType.SQL() + " AS " + cv.Query.SQL()
return str
}

func (st SecurityType) SQL() string {
switch st {
case Invoker:
return "INVOKER"
case Definer:
return "DEFINER"
}
panic("unknown SecurityType")
}

func (cr CreateRole) SQL() string {
return "CREATE ROLE " + cr.Name.SQL()
}
Expand Down
23 changes: 21 additions & 2 deletions spanner/spansql/sql_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -199,8 +199,9 @@ func TestSQL(t *testing.T) {
},
{
&CreateView{
Name: "SingersView",
OrReplace: true,
Name: "SingersView",
OrReplace: true,
SecurityType: Invoker,
Query: Query{
Select: Select{
List: []Expr{ID("SingerId"), ID("FullName"), ID("Picture")},
Expand All @@ -218,6 +219,24 @@ func TestSQL(t *testing.T) {
"CREATE OR REPLACE VIEW SingersView SQL SECURITY INVOKER AS SELECT SingerId, FullName, Picture FROM Singers ORDER BY LastName, FirstName",
reparseDDL,
},
{
&CreateView{
Name: "vname",
OrReplace: false,
SecurityType: Definer,
Query: Query{
Select: Select{
List: []Expr{ID("cname")},
From: []SelectFrom{SelectFromTable{
Table: "tname",
}},
},
},
Position: line(1),
},
"CREATE VIEW vname SQL SECURITY DEFINER AS SELECT cname FROM tname",
reparseDDL,
},
{
&DropView{
Name: "SingersView",
Expand Down
14 changes: 11 additions & 3 deletions spanner/spansql/types.go
Original file line number Diff line number Diff line change
Expand Up @@ -123,9 +123,10 @@ func (ci *CreateIndex) clearOffset() { ci.Position.Offset = 0 }
// CreateView represents a CREATE [OR REPLACE] VIEW statement.
// https://cloud.google.com/spanner/docs/data-definition-language#view_statements
type CreateView struct {
Name ID
OrReplace bool
Query Query
Name ID
OrReplace bool
SecurityType SecurityType
Query Query

Position Position // position of the "CREATE" token
}
Expand All @@ -135,6 +136,13 @@ func (*CreateView) isDDLStmt() {}
func (cv *CreateView) Pos() Position { return cv.Position }
func (cv *CreateView) clearOffset() { cv.Position.Offset = 0 }

type SecurityType int

const (
Invoker SecurityType = iota
Definer
)

// CreateRole represents a CREATE Role statement.
// https://cloud.google.com/spanner/docs/reference/standard-sql/data-definition-language#create_role
type CreateRole struct {
Expand Down

0 comments on commit 5f156e8

Please sign in to comment.