New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: Add support for db roles list #1807
Conversation
Warning: This pull request is touching the following templated files:
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks generally good to me, with a couple of small nits. The biggest issue here might be the documentation / explanation of what this is and how customers should use it. We are calling it something like defaultCreatorRole
, but I don't think that makes it clear to customers what it does and why they should use it.
final String databaseName = getDatabaseName(instanceId, databaseId); | ||
final Options listOptions = Options.fromListOptions(options); | ||
Preconditions.checkArgument( | ||
!listOptions.hasFilter(), "Filter option is not supported by listDatabasesRoles"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I assume that this is a backend limitation (albeit one that I find a little strange...)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes, As per the discussions with the team they wont be providing a filter option, I will remove it from the code.
if (this == o) { | ||
return true; | ||
} | ||
if (o == null || getClass() != o.getClass()) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: I would prefer equals
over !=
, even when we know that the default implementation of equals
just uses ==
if (o == null || getClass() != o.getClass()) { | |
if (o == null || !getClass().equals(o.getClass())) { |
@@ -271,7 +274,10 @@ public String[] getValidValues() { | |||
RPC_PRIORITY_NAME, | |||
"Sets the priority for all RPC invocations from this connection (HIGH/MEDIUM/LOW). The default is HIGH."), | |||
ConnectionProperty.createStringProperty( | |||
DIALECT_PROPERTY_NAME, "Sets the dialect to use for this connection.")))); | |||
DIALECT_PROPERTY_NAME, "Sets the dialect to use for this connection."), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(Not related to this PR, but more a general note): We should remove this property as we don't need it and don't use it.
DIALECT_PROPERTY_NAME, "Sets the dialect to use for this connection."), | ||
ConnectionProperty.createStringProperty( | ||
CREATOR_ROLE_PROPERTY_NAME, | ||
"Sets the default creator role to use for this connection.")))); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't think anyone is going to understand what 'the default creator role` is. We need a better description of what this property is and why anyone might want to use this.
private final String name; | ||
|
||
public Builder(String name) { | ||
this.name = name; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We seem to assume that the name will always be non-null and not empty, so we should check for that here.
this.name = name; | |
this.name = Preconditions.checkNotNullOrEmpty(name); |
try (ResultSet rs = | ||
dbClient.singleUse().executeQuery(Statement.of("SELECT COUNT(*) as cnt FROM T"))) { | ||
rs.next(); | ||
fail("Missing expected permission denied to dbRoleParent Exception"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
use assertThrows(...)
instead of fail(..)
.
try (ResultSet rs = | ||
dbClient.singleUse().executeQuery(Statement.of("SELECT COUNT(*) as cnt FROM T"))) { | ||
rs.next(); | ||
fail("Missing expected permission denied to dbRoleOrphan Exception"); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Here also: use assertThrows(SpannerException.class, rs::next)
instanceId, databaseId, ImmutableList.of(createTableT, createRoleOrphan)) | ||
.get(5, TimeUnit.MINUTES); | ||
|
||
// Connect to db with dbRoleParent. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit:
// Connect to db with dbRoleParent. | |
// Connect to db with dbRoleOrphan. |
} | ||
|
||
@Test | ||
public void orphanRolePermissions() throws Exception { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What exactly is this test case testing? That a role that has not received any specific permissions has no permissions? I think it would be good to add a comment to explain what it is that we are verifying here.
|
||
// Required. The database whose roles should be listed. | ||
// Values are of the form | ||
// `projects/<project>/instances/<instance>/databases/<database>/databaseRoles`. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Should there really be a "/databaseRoles" suffix there?
Rebase to #1916 |
feat: Add support for db roles list.