Skip to content

Implementation of external data management #1158 #8759

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 4 commits into
base: master
Choose a base branch
from
Draft

Implementation of external data management #1158 #8759

wants to merge 4 commits into from

Conversation

@paradox1307
Copy link

@paradox1307
Copy link
Author

This is a draft implementation of external data management (SQL:MED). It will be improved after the metacache #7954 is merged.

@dyemanov dyemanov marked this pull request as draft September 30, 2025 07:34
@dyemanov dyemanov self-requested a review September 30, 2025 07:35
@sim1984
Copy link
Contributor

sim1984 commented Sep 30, 2025

Are there any restrictions for users/roles on using foreign servers? I think there should be. That is, we should have something like:

GRANT USAGE ON SERVER <server_name>
TO <grantee_list> [WITH GRANT OPTION]
[{GRANTED BY | AS} [USER] <grantor>];

REVOKE [GRANT OPTION FOR]
USAGE ON SERVER <server_name>
FROM <grantee_list>
[{GRANTED BY | AS} [USER] <grantor>];

This is important, especially if the foreign server stores authentication data. Not every authenticated user should be able to use it in an EXECUTE STATEMENT.

sim1984
sim1984 reviewed Sep 30, 2025
View reviewed changes
doc/sql.extensions/README.MED.md Outdated
| RDB$FOREIGN_SERVER_NAME | CHAR \(63\) | The foreign server name |
| RDB$FOREIGN_OPTION_NAME | CHAR \(63\) | Option name |
| RDB$FOREIGN_OPTION_VALUE | VARCHAR \(32765\) | Option value |
| RDB$OWNER_NAME | SHORT | Option type |
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

May be RDB$FOREIGN_OPTION_TYPE ?

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, corrected.

sim1984
sim1984 reviewed Oct 1, 2025
View reviewed changes
src/jrd/ForeignServer.cpp
continue;

buffer.append(option.first.c_str());
buffer.append(";");
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is there a semicolon ; here? I would have expected an equals symbol =.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The idea was that option names and option values follow each other and there is no sense in adding a special character to separate them, i.e. option_1_name;option_1_value;option_2_name;option_2_value;.... If this is confusing, it can be changed to something else.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In principle, this approach will work, provided that each option requires a value. In this case, we eliminate the possibility of passing only the option name as a flag.

@paradox1307
Implement grant/revoke usage on foreign server
df133b1 
GRANT USAGE ON FOREIGN SERVER <server_name>
TO <grantee_list> [WITH GRANT OPTION]
[{GRANTED BY | AS} [USER] <grantor>];

REVOKE [GRANT OPTION FOR]
USAGE ON FOREIGN SERVER <server_name>
FROM <grantee_list>
[{GRANTED BY | AS} [USER] <grantor>];
@paradox1307
Fix a typo
9bc5dda
@paradox1307
Copy link
Author

Are there any restrictions for users/roles on using foreign servers? I think there should be.

Yes, there should be restrictions on using foreign servers. The MED standard requires GRANT/REVOKE USAGE ON FOREIGN SERVER. Implemented in df133b1 . Please note that when creating foreign tables and user mappings, USAGE checks have also been added, as required by the standard.

sim1984
sim1984 reviewed Oct 29, 2025
View reviewed changes
doc/sql.extensions/README.MED.md
[[DROP] FOREIGN DATA WRAPPER | [DROP] USING PLUGIN <provider(plugin)>] [OPTIONS(<option> [, <option> ...] )]
<option> ::= {
[DROP] <option name> [= 'value']
| [DROP] <option name> [{FILE | ENV}] ['value'] }
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This description confuses people because it's unclear what's required and what's optional. A better explanation would be:

ALTER SERVER <foreign server name>
        [[DROP] {FOREIGN DATA WRAPPER | USING PLUGIN} <provider(plugin)>] 
        [OPTIONS (<option> [, <option> ...] )]

<option> ::= {
          <option name> = 'value'
        | <option name> [{FILE | ENV}] 'value' 
        | DROP <option name>
}

@sim1984
Copy link
Contributor

sim1984 commented Oct 29, 2025

Are there any restrictions for users/roles on using foreign servers? I think there should be.

Yes, there should be restrictions on using foreign servers. The MED standard requires GRANT/REVOKE USAGE ON FOREIGN SERVER. Implemented in df133b1 . Please note that when creating foreign tables and user mappings, USAGE checks have also been added, as required by the standard.

This should be described in the README.MED.md documentation.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@dyemanov dyemanov Awaiting requested review from dyemanov

1 more reviewer

@sim1984 sim1984 sim1984 left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@paradox1307 @sim1984