-
Notifications
You must be signed in to change notification settings - Fork 454
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
sql: add pg_catalog.pg_user
view
#27161
Conversation
pg_catalog.pg_user
view
-- We determine login status each time a role logs in, so there's no clean | ||
-- way to accurately determine this in the catalog. Instead we do something | ||
-- a little gross. For system roles, we hardcode the known roles that can | ||
-- log in. For user roles, we determine `rolcanlogin` based on whether the | ||
-- role name looks like an email address. | ||
-- | ||
-- This works for the vast majority of cases in production. Roles that users | ||
-- log in to come from Frontegg and therefore *must* be valid email | ||
-- addresses, while roles that are created via `CREATE ROLE` (e.g., | ||
-- `admin`, `prod_app`) almost certainly are not named to look like email | ||
-- addresses. | ||
-- | ||
-- For the moment, we're comfortable with the edge cases here. If we discover | ||
-- that folks are regularly creating non-login roles with names that look | ||
-- like an email address (e.g., `admins@sysops.foocorp`), we can change | ||
-- course. | ||
( | ||
r.name IN ('mz_support', 'mz_system') | ||
-- This entire scheme is sloppy, so we intentionally use a simple | ||
-- regex to match email addresses, rather than one that perfectly | ||
-- matches the RFC on what constitutes a valid email address. | ||
OR r.name ~ '^[^@]+@[^@]+\.[^@]+$' | ||
) AS rolcanlogin, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@MaterializeInc/adapter any qualms about this? Seemed like the best of the available options. We can always figure out how to do something more robust in the future.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't love it, but I also don't have any better suggestions.
For Metaplane compatibility. To bring our `pg_user`, `pg_roles`, and `pg_authid` views in line with PostgreSQL, this commit also refactors how `rolcanlogin` is derived. We now do something a little gross but that will work well in practice to derive `rolcanlogin` from whether a role name looks like an email address, instead of hardcoding `NULL`. This makes the distinction between `pg_user` and `pg_roles` more useful: the former contains only the roles for which `rolcanlogin` is true, while the latter contains all roles. Split out from MaterializeInc#27155. Co-authored-by: Nikhil Benesch <nikhil.benesch@gmail.com>
-- We determine login status each time a role logs in, so there's no clean | ||
-- way to accurately determine this in the catalog. Instead we do something | ||
-- a little gross. For system roles, we hardcode the known roles that can | ||
-- log in. For user roles, we determine `rolcanlogin` based on whether the | ||
-- role name looks like an email address. | ||
-- | ||
-- This works for the vast majority of cases in production. Roles that users | ||
-- log in to come from Frontegg and therefore *must* be valid email | ||
-- addresses, while roles that are created via `CREATE ROLE` (e.g., | ||
-- `admin`, `prod_app`) almost certainly are not named to look like email | ||
-- addresses. | ||
-- | ||
-- For the moment, we're comfortable with the edge cases here. If we discover | ||
-- that folks are regularly creating non-login roles with names that look | ||
-- like an email address (e.g., `admins@sysops.foocorp`), we can change | ||
-- course. | ||
( | ||
r.name IN ('mz_support', 'mz_system') | ||
-- This entire scheme is sloppy, so we intentionally use a simple | ||
-- regex to match email addresses, rather than one that perfectly | ||
-- matches the RFC on what constitutes a valid email address. | ||
OR r.name ~ '^[^@]+@[^@]+\.[^@]+$' | ||
) AS rolcanlogin, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't love it, but I also don't have any better suggestions.
For Metaplane compatibility.
To bring our
pg_user
,pg_roles
, andpg_authid
views in line with PostgreSQL, this commit also refactors howrolcanlogin
is derived. We now do something a little gross but that will work well in practice to deriverolcanlogin
from whether a role name looks like an email address, instead of hardcodingNULL
. This makes the distinction betweenpg_user
andpg_roles
more useful: the former contains only the roles for whichrolcanlogin
is true, while the latter contains all roles.Split out from #27155.
Motivation
Checklist
$T ⇔ Proto$T
mapping (possibly in a backwards-incompatible way), then it is tagged with aT-proto
label.pg_catalog.pg_user
view for PostgreSQL compatibility.