1996-07-09 08:22:35 +02:00
|
|
|
/*-------------------------------------------------------------------------
|
|
|
|
|
*
|
1999-02-14 00:22:53 +01:00
|
|
|
* rewriteHandler.c
|
2001-06-13 20:56:30 +02:00
|
|
|
* Primary module of query rewriter.
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
2017-01-03 19:48:53 +01:00
|
|
|
* Portions Copyright (c) 1996-2017, PostgreSQL Global Development Group
|
2000-01-26 06:58:53 +01:00
|
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
|
|
|
|
* IDENTIFICATION
|
2010-09-20 22:08:53 +02:00
|
|
|
* src/backend/rewrite/rewriteHandler.c
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
2015-08-28 16:24:32 +02:00
|
|
|
* NOTES
|
|
|
|
|
* Some of the terms used in this file are of historic nature: "retrieve"
|
|
|
|
|
* was the PostQUEL keyword for what today is SELECT. "RIR" stands for
|
|
|
|
|
* "Retrieve-Instead-Retrieve", that is an ON SELECT DO INSTEAD SELECT rule
|
|
|
|
|
* (which has to be unconditional and where only one rule can exist on each
|
|
|
|
|
* relation).
|
|
|
|
|
*
|
1996-07-09 08:22:35 +02:00
|
|
|
*-------------------------------------------------------------------------
|
|
|
|
|
*/
|
|
|
|
|
#include "postgres.h"
|
|
|
|
|
|
2010-10-10 19:43:33 +02:00
|
|
|
#include "access/sysattr.h"
|
2017-04-06 14:33:16 +02:00
|
|
|
#include "catalog/dependency.h"
|
1998-10-02 18:28:04 +02:00
|
|
|
#include "catalog/pg_type.h"
|
2011-02-23 18:18:09 +01:00
|
|
|
#include "commands/trigger.h"
|
2013-03-10 19:14:53 +01:00
|
|
|
#include "foreign/fdwapi.h"
|
1999-08-26 01:21:43 +02:00
|
|
|
#include "nodes/makefuncs.h"
|
2008-08-26 00:42:34 +02:00
|
|
|
#include "nodes/nodeFuncs.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "parser/analyze.h"
|
2002-04-05 07:47:05 +02:00
|
|
|
#include "parser/parse_coerce.h"
|
|
|
|
|
#include "parser/parsetree.h"
|
2007-03-20 00:38:32 +01:00
|
|
|
#include "rewrite/rewriteDefine.h"
|
2001-06-13 20:56:30 +02:00
|
|
|
#include "rewrite/rewriteHandler.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "rewrite/rewriteManip.h"
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
#include "rewrite/rowsecurity.h"
|
2002-04-05 07:47:05 +02:00
|
|
|
#include "utils/builtins.h"
|
1999-07-16 07:00:38 +02:00
|
|
|
#include "utils/lsyscache.h"
|
2011-02-23 18:18:09 +01:00
|
|
|
#include "utils/rel.h"
|
1998-10-02 18:28:04 +02:00
|
|
|
|
|
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
/* We use a list of these to detect recursion in RewriteQuery */
|
2003-08-04 02:43:34 +02:00
|
|
|
typedef struct rewrite_event
|
|
|
|
|
{
|
2003-02-26 00:47:43 +01:00
|
|
|
Oid relation; /* OID of relation having rules */
|
|
|
|
|
CmdType event; /* type of rule being fired */
|
2003-08-08 23:42:59 +02:00
|
|
|
} rewrite_event;
|
2003-02-26 00:47:43 +01:00
|
|
|
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
typedef struct acquireLocksOnSubLinks_context
|
|
|
|
|
{
|
|
|
|
|
bool for_execute; /* AcquireRewriteLocks' forExecute param */
|
|
|
|
|
} acquireLocksOnSubLinks_context;
|
|
|
|
|
|
|
|
|
|
static bool acquireLocksOnSubLinks(Node *node,
|
|
|
|
|
acquireLocksOnSubLinks_context *context);
|
2001-06-13 20:56:30 +02:00
|
|
|
static Query *rewriteRuleAction(Query *parsetree,
|
2001-10-25 07:50:21 +02:00
|
|
|
Query *rule_action,
|
|
|
|
|
Node *rule_qual,
|
|
|
|
|
int rt_index,
|
2006-09-02 19:06:52 +02:00
|
|
|
CmdType event,
|
|
|
|
|
bool *returning_flag);
|
2001-01-27 05:40:59 +01:00
|
|
|
static List *adjustJoinTreeList(Query *parsetree, bool removert, int rt_index);
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
static List *rewriteTargetListIU(List *targetList,
|
|
|
|
|
CmdType commandType,
|
2017-04-06 14:33:16 +02:00
|
|
|
OverridingKind override,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
Relation target_relation,
|
|
|
|
|
int result_rti,
|
2010-10-10 19:43:33 +02:00
|
|
|
List **attrno_list);
|
2002-04-05 07:47:05 +02:00
|
|
|
static TargetEntry *process_matched_tle(TargetEntry *src_tle,
|
2004-08-29 07:07:03 +02:00
|
|
|
TargetEntry *prior_tle,
|
|
|
|
|
const char *attrName);
|
2004-06-09 21:08:20 +02:00
|
|
|
static Node *get_assignment_input(Node *node);
|
2006-08-02 03:59:48 +02:00
|
|
|
static void rewriteValuesRTE(RangeTblEntry *rte, Relation target_relation,
|
2006-10-04 02:30:14 +02:00
|
|
|
List *attrnos);
|
2010-10-19 21:08:37 +02:00
|
|
|
static void rewriteTargetListUD(Query *parsetree, RangeTblEntry *target_rte,
|
2011-04-10 17:42:00 +02:00
|
|
|
Relation target_relation);
|
2007-03-01 19:50:28 +01:00
|
|
|
static void markQueryForLocking(Query *qry, Node *jtnode,
|
2014-10-07 22:23:34 +02:00
|
|
|
LockClauseStrength strength, LockWaitPolicy waitPolicy,
|
|
|
|
|
bool pushedDown);
|
2000-09-29 20:21:41 +02:00
|
|
|
static List *matchLocks(CmdType event, RuleLock *rulelocks,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
int varno, Query *parsetree, bool *hasUpdate);
|
2009-10-28 18:36:50 +01:00
|
|
|
static Query *fireRIRrules(Query *parsetree, List *activeRIRs,
|
2010-02-26 03:01:40 +01:00
|
|
|
bool forUpdatePushedDown);
|
2013-10-18 16:35:36 +02:00
|
|
|
static bool view_has_instead_trigger(Relation view, CmdType event);
|
|
|
|
|
static Bitmapset *adjust_view_column_set(Bitmapset *cols, List *targetlist);
|
2000-10-05 21:11:39 +02:00
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
|
|
|
|
* AcquireRewriteLocks -
|
|
|
|
|
* Acquire suitable locks on all the relations mentioned in the Query.
|
|
|
|
|
* These locks will ensure that the relation schemas don't change under us
|
|
|
|
|
* while we are rewriting and planning the query.
|
|
|
|
|
*
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
* forExecute indicates that the query is about to be executed.
|
|
|
|
|
* If so, we'll acquire RowExclusiveLock on the query's resultRelation,
|
|
|
|
|
* RowShareLock on any relation accessed FOR [KEY] UPDATE/SHARE, and
|
|
|
|
|
* AccessShareLock on all other relations mentioned.
|
|
|
|
|
*
|
|
|
|
|
* If forExecute is false, AccessShareLock is acquired on all relations.
|
|
|
|
|
* This case is suitable for ruleutils.c, for example, where we only need
|
|
|
|
|
* schema stability and we don't intend to actually modify any relations.
|
|
|
|
|
*
|
|
|
|
|
* forUpdatePushedDown indicates that a pushed-down FOR [KEY] UPDATE/SHARE
|
|
|
|
|
* applies to the current subquery, requiring all rels to be opened with at
|
|
|
|
|
* least RowShareLock. This should always be false at the top of the
|
|
|
|
|
* recursion. This flag is ignored if forExecute is false.
|
2009-10-28 18:36:50 +01:00
|
|
|
*
|
2005-06-04 01:05:30 +02:00
|
|
|
* A secondary purpose of this routine is to fix up JOIN RTE references to
|
|
|
|
|
* dropped columns (see details below). Because the RTEs are modified in
|
|
|
|
|
* place, it is generally appropriate for the caller of this routine to have
|
|
|
|
|
* first done a copyObject() to make a writable copy of the querytree in the
|
|
|
|
|
* current memory context.
|
|
|
|
|
*
|
|
|
|
|
* This processing can, and for efficiency's sake should, be skipped when the
|
|
|
|
|
* querytree has just been built by the parser: parse analysis already got
|
|
|
|
|
* all the same locks we'd get here, and the parser will have omitted dropped
|
|
|
|
|
* columns from JOINs to begin with. But we must do this whenever we are
|
|
|
|
|
* dealing with a querytree produced earlier than the current command.
|
|
|
|
|
*
|
|
|
|
|
* About JOINs and dropped columns: although the parser never includes an
|
|
|
|
|
* already-dropped column in a JOIN RTE's alias var list, it is possible for
|
|
|
|
|
* such a list in a stored rule to include references to dropped columns.
|
|
|
|
|
* (If the column is not explicitly referenced anywhere else in the query,
|
|
|
|
|
* the dependency mechanism won't consider it used by the rule and so won't
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
* prevent the column drop.) To support get_rte_attribute_is_dropped(), we
|
|
|
|
|
* replace join alias vars that reference dropped columns with null pointers.
|
2005-06-04 01:05:30 +02:00
|
|
|
*
|
|
|
|
|
* (In PostgreSQL 8.0, we did not do this processing but instead had
|
|
|
|
|
* get_rte_attribute_is_dropped() recurse to detect dropped columns in joins.
|
|
|
|
|
* That approach had horrible performance unfortunately; in particular
|
|
|
|
|
* construction of a nested join was O(N^2) in the nesting depth.)
|
|
|
|
|
*/
|
|
|
|
|
void
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
AcquireRewriteLocks(Query *parsetree,
|
|
|
|
|
bool forExecute,
|
|
|
|
|
bool forUpdatePushedDown)
|
2005-06-04 01:05:30 +02:00
|
|
|
{
|
|
|
|
|
ListCell *l;
|
|
|
|
|
int rt_index;
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
acquireLocksOnSubLinks_context context;
|
|
|
|
|
|
|
|
|
|
context.for_execute = forExecute;
|
2005-06-04 01:05:30 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* First, process RTEs of the current query level.
|
|
|
|
|
*/
|
|
|
|
|
rt_index = 0;
|
|
|
|
|
foreach(l, parsetree->rtable)
|
|
|
|
|
{
|
|
|
|
|
RangeTblEntry *rte = (RangeTblEntry *) lfirst(l);
|
|
|
|
|
Relation rel;
|
|
|
|
|
LOCKMODE lockmode;
|
|
|
|
|
List *newaliasvars;
|
2005-06-04 21:19:42 +02:00
|
|
|
Index curinputvarno;
|
|
|
|
|
RangeTblEntry *curinputrte;
|
2005-06-04 01:05:30 +02:00
|
|
|
ListCell *ll;
|
|
|
|
|
|
|
|
|
|
++rt_index;
|
|
|
|
|
switch (rte->rtekind)
|
|
|
|
|
{
|
|
|
|
|
case RTE_RELATION:
|
2005-10-15 04:49:52 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Grab the appropriate lock type for the relation, and do not
|
|
|
|
|
* release it until end of transaction. This protects the
|
|
|
|
|
* rewriter and planner against schema changes mid-query.
|
2005-06-04 01:05:30 +02:00
|
|
|
*
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
* Assuming forExecute is true, this logic must match what the
|
|
|
|
|
* executor will do, else we risk lock-upgrade deadlocks.
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
if (!forExecute)
|
|
|
|
|
lockmode = AccessShareLock;
|
|
|
|
|
else if (rt_index == parsetree->resultRelation)
|
2005-06-04 01:05:30 +02:00
|
|
|
lockmode = RowExclusiveLock;
|
2009-10-28 18:36:50 +01:00
|
|
|
else if (forUpdatePushedDown ||
|
|
|
|
|
get_parse_rowmark(parsetree, rt_index) != NULL)
|
2005-06-04 01:05:30 +02:00
|
|
|
lockmode = RowShareLock;
|
|
|
|
|
else
|
|
|
|
|
lockmode = AccessShareLock;
|
|
|
|
|
|
|
|
|
|
rel = heap_open(rte->relid, lockmode);
|
2011-02-23 01:23:23 +01:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* While we have the relation open, update the RTE's relkind,
|
|
|
|
|
* just in case it changed since this rule was made.
|
|
|
|
|
*/
|
|
|
|
|
rte->relkind = rel->rd_rel->relkind;
|
|
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
heap_close(rel, NoLock);
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case RTE_JOIN:
|
2005-10-15 04:49:52 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Scan the join's alias var list to see if any columns have
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
* been dropped, and if so replace those Vars with null
|
|
|
|
|
* pointers.
|
2005-06-04 21:19:42 +02:00
|
|
|
*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Since a join has only two inputs, we can expect to see
|
|
|
|
|
* multiple references to the same input RTE; optimize away
|
|
|
|
|
* multiple fetches.
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
|
|
|
|
newaliasvars = NIL;
|
2005-06-04 21:19:42 +02:00
|
|
|
curinputvarno = 0;
|
|
|
|
|
curinputrte = NULL;
|
2005-06-04 01:05:30 +02:00
|
|
|
foreach(ll, rte->joinaliasvars)
|
|
|
|
|
{
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
Var *aliasitem = (Var *) lfirst(ll);
|
|
|
|
|
Var *aliasvar = aliasitem;
|
|
|
|
|
|
|
|
|
|
/* Look through any implicit coercion */
|
|
|
|
|
aliasvar = (Var *) strip_implicit_coercions((Node *) aliasvar);
|
2005-06-04 01:05:30 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If the list item isn't a simple Var, then it must
|
|
|
|
|
* represent a merged column, ie a USING column, and so it
|
|
|
|
|
* couldn't possibly be dropped, since it's referenced in
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
* the join clause. (Conceivably it could also be a null
|
|
|
|
|
* pointer already? But that's OK too.)
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
if (aliasvar && IsA(aliasvar, Var))
|
2005-06-04 01:05:30 +02:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* The elements of an alias list have to refer to
|
2005-10-15 04:49:52 +02:00
|
|
|
* earlier RTEs of the same rtable, because that's the
|
2014-05-06 18:12:18 +02:00
|
|
|
* order the planner builds things in. So we already
|
2005-10-15 04:49:52 +02:00
|
|
|
* processed the referenced RTE, and so it's safe to
|
|
|
|
|
* use get_rte_attribute_is_dropped on it. (This might
|
|
|
|
|
* not hold after rewriting or planning, but it's OK
|
|
|
|
|
* to assume here.)
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
|
|
|
|
Assert(aliasvar->varlevelsup == 0);
|
2005-06-04 21:19:42 +02:00
|
|
|
if (aliasvar->varno != curinputvarno)
|
|
|
|
|
{
|
|
|
|
|
curinputvarno = aliasvar->varno;
|
|
|
|
|
if (curinputvarno >= rt_index)
|
|
|
|
|
elog(ERROR, "unexpected varno %d in JOIN RTE %d",
|
|
|
|
|
curinputvarno, rt_index);
|
|
|
|
|
curinputrte = rt_fetch(curinputvarno,
|
|
|
|
|
parsetree->rtable);
|
|
|
|
|
}
|
|
|
|
|
if (get_rte_attribute_is_dropped(curinputrte,
|
|
|
|
|
aliasvar->varattno))
|
2005-06-04 01:05:30 +02:00
|
|
|
{
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
/* Replace the join alias item with a NULL */
|
|
|
|
|
aliasitem = NULL;
|
2005-06-04 01:05:30 +02:00
|
|
|
}
|
|
|
|
|
}
|
Change post-rewriter representation of dropped columns in joinaliasvars.
It's possible to drop a column from an input table of a JOIN clause in a
view, if that column is nowhere actually referenced in the view. But it
will still be there in the JOIN clause's joinaliasvars list. We used to
replace such entries with NULL Const nodes, which is handy for generation
of RowExpr expansion of a whole-row reference to the view. The trouble
with that is that it can't be distinguished from the situation after
subquery pull-up of a constant subquery output expression below the JOIN.
Instead, replace such joinaliasvars with null pointers (empty expression
trees), which can't be confused with pulled-up expressions. expandRTE()
still emits the old convention, though, for convenience of RowExpr
generation and to reduce the risk of breaking extension code.
In HEAD and 9.3, this patch also fixes a problem with some new code in
ruleutils.c that was failing to cope with implicitly-casted joinaliasvars
entries, as per recent report from Feike Steenbergen. That oversight was
because of an inadequate description of the data structure in parsenodes.h,
which I've now corrected. There were some pre-existing oversights of the
same ilk elsewhere, which I believe are now all fixed.
2013-07-23 22:23:01 +02:00
|
|
|
newaliasvars = lappend(newaliasvars, aliasitem);
|
2005-06-04 01:05:30 +02:00
|
|
|
}
|
|
|
|
|
rte->joinaliasvars = newaliasvars;
|
|
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
case RTE_SUBQUERY:
|
2005-10-15 04:49:52 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
|
|
|
|
* The subquery RTE itself is all right, but we have to
|
|
|
|
|
* recurse to process the represented subquery.
|
|
|
|
|
*/
|
2009-10-28 18:36:50 +01:00
|
|
|
AcquireRewriteLocks(rte->subquery,
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
forExecute,
|
2009-10-28 18:36:50 +01:00
|
|
|
(forUpdatePushedDown ||
|
2010-02-26 03:01:40 +01:00
|
|
|
get_parse_rowmark(parsetree, rt_index) != NULL));
|
2005-06-04 01:05:30 +02:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
default:
|
|
|
|
|
/* ignore other types of RTEs */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2008-10-04 23:56:55 +02:00
|
|
|
/* Recurse into subqueries in WITH */
|
|
|
|
|
foreach(l, parsetree->cteList)
|
|
|
|
|
{
|
|
|
|
|
CommonTableExpr *cte = (CommonTableExpr *) lfirst(l);
|
|
|
|
|
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
AcquireRewriteLocks((Query *) cte->ctequery, forExecute, false);
|
2008-10-04 23:56:55 +02:00
|
|
|
}
|
|
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Recurse into sublink subqueries, too. But we already did the ones in
|
2008-10-04 23:56:55 +02:00
|
|
|
* the rtable and cteList.
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->hasSubLinks)
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
query_tree_walker(parsetree, acquireLocksOnSubLinks, &context,
|
2008-10-04 23:56:55 +02:00
|
|
|
QTW_IGNORE_RC_SUBQUERIES);
|
2005-06-04 01:05:30 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Walker to find sublink subqueries for AcquireRewriteLocks
|
|
|
|
|
*/
|
|
|
|
|
static bool
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
acquireLocksOnSubLinks(Node *node, acquireLocksOnSubLinks_context *context)
|
2005-06-04 01:05:30 +02:00
|
|
|
{
|
|
|
|
|
if (node == NULL)
|
|
|
|
|
return false;
|
|
|
|
|
if (IsA(node, SubLink))
|
|
|
|
|
{
|
|
|
|
|
SubLink *sub = (SubLink *) node;
|
|
|
|
|
|
|
|
|
|
/* Do what we came for */
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
AcquireRewriteLocks((Query *) sub->subselect,
|
|
|
|
|
context->for_execute,
|
|
|
|
|
false);
|
2005-06-04 01:05:30 +02:00
|
|
|
/* Fall through to process lefthand args of SubLink */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Do NOT recurse into Query nodes, because AcquireRewriteLocks already
|
|
|
|
|
* processed subselects of subselects for us.
|
|
|
|
|
*/
|
|
|
|
|
return expression_tree_walker(node, acquireLocksOnSubLinks, context);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
1996-07-09 08:22:35 +02:00
|
|
|
/*
|
2001-06-13 20:56:30 +02:00
|
|
|
* rewriteRuleAction -
|
|
|
|
|
* Rewrite the rule action with appropriate qualifiers (taken from
|
|
|
|
|
* the triggering query).
|
2006-09-02 19:06:52 +02:00
|
|
|
*
|
|
|
|
|
* Input arguments:
|
|
|
|
|
* parsetree - original query
|
|
|
|
|
* rule_action - one action (query) of a rule
|
|
|
|
|
* rule_qual - WHERE condition of rule, or NULL if unconditional
|
|
|
|
|
* rt_index - RT index of result relation in original query
|
|
|
|
|
* event - type of rule event
|
|
|
|
|
* Output arguments:
|
|
|
|
|
* *returning_flag - set TRUE if we rewrite RETURNING clause in rule_action
|
|
|
|
|
* (must be initialized to FALSE)
|
|
|
|
|
* Return value:
|
|
|
|
|
* rewritten form of rule_action
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
2001-06-13 20:56:30 +02:00
|
|
|
static Query *
|
|
|
|
|
rewriteRuleAction(Query *parsetree,
|
1997-09-08 23:56:23 +02:00
|
|
|
Query *rule_action,
|
|
|
|
|
Node *rule_qual,
|
1997-09-07 07:04:48 +02:00
|
|
|
int rt_index,
|
2006-09-02 19:06:52 +02:00
|
|
|
CmdType event,
|
|
|
|
|
bool *returning_flag)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2001-06-13 20:56:30 +02:00
|
|
|
int current_varno,
|
|
|
|
|
new_varno;
|
|
|
|
|
int rt_length;
|
2000-12-05 20:15:10 +01:00
|
|
|
Query *sub_action;
|
|
|
|
|
Query **sub_action_ptr;
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
acquireLocksOnSubLinks_context context;
|
|
|
|
|
|
|
|
|
|
context.for_execute = true;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2001-06-13 20:56:30 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Make modifiable copies of rule action and qual (what we're passed are
|
|
|
|
|
* the stored versions in the relcache; don't touch 'em!).
|
2001-06-13 20:56:30 +02:00
|
|
|
*/
|
2017-03-09 21:18:59 +01:00
|
|
|
rule_action = copyObject(rule_action);
|
|
|
|
|
rule_qual = copyObject(rule_qual);
|
2001-06-13 20:56:30 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
|
|
|
|
* Acquire necessary locks and fix any deleted JOIN RTE entries.
|
|
|
|
|
*/
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
AcquireRewriteLocks(rule_action, true, false);
|
|
|
|
|
(void) acquireLocksOnSubLinks(rule_qual, &context);
|
2005-06-04 01:05:30 +02:00
|
|
|
|
2001-06-13 20:56:30 +02:00
|
|
|
current_varno = rt_index;
|
2004-05-31 01:40:41 +02:00
|
|
|
rt_length = list_length(parsetree->rtable);
|
2001-06-13 20:56:30 +02:00
|
|
|
new_varno = PRS2_NEW_VARNO + rt_length;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Adjust rule action and qual to offset its varnos, so that we can merge
|
|
|
|
|
* its rtable with the main parsetree's rtable.
|
2000-12-05 20:15:10 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* If the rule action is an INSERT...SELECT, the OLD/NEW rtable entries
|
|
|
|
|
* will be in the SELECT part, and we have to modify that rather than the
|
2005-10-15 04:49:52 +02:00
|
|
|
* top-level INSERT (kluge!).
|
2000-12-05 20:15:10 +01:00
|
|
|
*/
|
2001-06-13 20:56:30 +02:00
|
|
|
sub_action = getInsertSelectQuery(rule_action, &sub_action_ptr);
|
2000-09-12 23:07:18 +02:00
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
OffsetVarNodes((Node *) sub_action, rt_length, 0);
|
2001-06-13 20:56:30 +02:00
|
|
|
OffsetVarNodes(rule_qual, rt_length, 0);
|
2009-11-06 00:24:27 +01:00
|
|
|
/* but references to OLD should point at original rt_index */
|
2000-12-05 20:15:10 +01:00
|
|
|
ChangeVarNodes((Node *) sub_action,
|
|
|
|
|
PRS2_OLD_VARNO + rt_length, rt_index, 0);
|
2001-06-13 20:56:30 +02:00
|
|
|
ChangeVarNodes(rule_qual,
|
2000-12-05 20:15:10 +01:00
|
|
|
PRS2_OLD_VARNO + rt_length, rt_index, 0);
|
|
|
|
|
|
|
|
|
|
/*
|
2001-10-25 07:50:21 +02:00
|
|
|
* Generate expanded rtable consisting of main parsetree's rtable plus
|
|
|
|
|
* rule action's rtable; this becomes the complete rtable for the rule
|
2014-05-06 18:12:18 +02:00
|
|
|
* action. Some of the entries may be unused after we finish rewriting,
|
2005-10-15 04:49:52 +02:00
|
|
|
* but we leave them all in place for two reasons:
|
2004-01-14 04:39:22 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* We'd have a much harder job to adjust the query's varnos if we
|
|
|
|
|
* selectively removed RT entries.
|
2004-01-14 04:39:22 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* If the rule is INSTEAD, then the original query won't be executed at
|
|
|
|
|
* all, and so its rtable must be preserved so that the executor will do
|
|
|
|
|
* the correct permissions checks on it.
|
2004-01-14 04:39:22 +01:00
|
|
|
*
|
|
|
|
|
* RT entries that are not referenced in the completed jointree will be
|
2005-10-15 04:49:52 +02:00
|
|
|
* ignored by the planner, so they do not affect query semantics. But any
|
|
|
|
|
* permissions checks specified in them will be applied during executor
|
|
|
|
|
* startup (see ExecCheckRTEPerms()). This allows us to check that the
|
|
|
|
|
* caller has, say, insert-permission on a view, when the view is not
|
|
|
|
|
* semantically referenced at all in the resulting query.
|
2004-01-14 04:39:22 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* When a rule is not INSTEAD, the permissions checks done on its copied
|
|
|
|
|
* RT entries will be redundant with those done during execution of the
|
2005-10-15 04:49:52 +02:00
|
|
|
* original query, but we don't bother to treat that case differently.
|
2000-12-05 20:15:10 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* NOTE: because planner will destructively alter rtable, we must ensure
|
|
|
|
|
* that rule action's rtable is separate and shares no substructure with
|
|
|
|
|
* the main rtable. Hence do a deep copy here.
|
2000-12-05 20:15:10 +01:00
|
|
|
*/
|
2017-03-09 21:18:59 +01:00
|
|
|
sub_action->rtable = list_concat(copyObject(parsetree->rtable),
|
2004-08-29 07:07:03 +02:00
|
|
|
sub_action->rtable);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2008-09-24 18:52:46 +02:00
|
|
|
/*
|
|
|
|
|
* There could have been some SubLinks in parsetree's rtable, in which
|
|
|
|
|
* case we'd better mark the sub_action correctly.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->hasSubLinks && !sub_action->hasSubLinks)
|
|
|
|
|
{
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
|
|
|
|
foreach(lc, parsetree->rtable)
|
|
|
|
|
{
|
|
|
|
|
RangeTblEntry *rte = (RangeTblEntry *) lfirst(lc);
|
|
|
|
|
|
|
|
|
|
switch (rte->rtekind)
|
|
|
|
|
{
|
Redesign tablesample method API, and do extensive code review.
The original implementation of TABLESAMPLE modeled the tablesample method
API on index access methods, which wasn't a good choice because, without
specialized DDL commands, there's no way to build an extension that can
implement a TSM. (Raw inserts into system catalogs are not an acceptable
thing to do, because we can't undo them during DROP EXTENSION, nor will
pg_upgrade behave sanely.) Instead adopt an API more like procedural
language handlers or foreign data wrappers, wherein the only SQL-level
support object needed is a single handler function identified by having
a special return type. This lets us get rid of the supporting catalog
altogether, so that no custom DDL support is needed for the feature.
Adjust the API so that it can support non-constant tablesample arguments
(the original coding assumed we could evaluate the argument expressions at
ExecInitSampleScan time, which is undesirable even if it weren't outright
unsafe), and discourage sampling methods from looking at invisible tuples.
Make sure that the BERNOULLI and SYSTEM methods are genuinely repeatable
within and across queries, as required by the SQL standard, and deal more
honestly with methods that can't support that requirement.
Make a full code-review pass over the tablesample additions, and fix
assorted bugs, omissions, infelicities, and cosmetic issues (such as
failure to put the added code stanzas in a consistent ordering).
Improve EXPLAIN's output of tablesample plans, too.
Back-patch to 9.5 so that we don't have to support the original API
in production.
2015-07-25 20:39:00 +02:00
|
|
|
case RTE_RELATION:
|
|
|
|
|
sub_action->hasSubLinks =
|
|
|
|
|
checkExprHasSubLink((Node *) rte->tablesample);
|
|
|
|
|
break;
|
2008-09-24 18:52:46 +02:00
|
|
|
case RTE_FUNCTION:
|
|
|
|
|
sub_action->hasSubLinks =
|
Support multi-argument UNNEST(), and TABLE() syntax for multiple functions.
This patch adds the ability to write TABLE( function1(), function2(), ...)
as a single FROM-clause entry. The result is the concatenation of the
first row from each function, followed by the second row from each
function, etc; with NULLs inserted if any function produces fewer rows than
others. This is believed to be a much more useful behavior than what
Postgres currently does with multiple SRFs in a SELECT list.
This syntax also provides a reasonable way to combine use of column
definition lists with WITH ORDINALITY: put the column definition list
inside TABLE(), where it's clear that it doesn't control the ordinality
column as well.
Also implement SQL-compliant multiple-argument UNNEST(), by turning
UNNEST(a,b,c) into TABLE(unnest(a), unnest(b), unnest(c)).
The SQL standard specifies TABLE() with only a single function, not
multiple functions, and it seems to require an implicit UNNEST() which is
not what this patch does. There may be something wrong with that reading
of the spec, though, because if it's right then the spec's TABLE() is just
a pointless alternative spelling of UNNEST(). After further review of
that, we might choose to adopt a different syntax for what this patch does,
but in any case this functionality seems clearly worthwhile.
Andrew Gierth, reviewed by Zoltán Böszörményi and Heikki Linnakangas, and
significantly revised by me
2013-11-22 01:37:02 +01:00
|
|
|
checkExprHasSubLink((Node *) rte->functions);
|
2008-09-24 18:52:46 +02:00
|
|
|
break;
|
2017-03-08 16:39:37 +01:00
|
|
|
case RTE_TABLEFUNC:
|
|
|
|
|
sub_action->hasSubLinks =
|
|
|
|
|
checkExprHasSubLink((Node *) rte->tablefunc);
|
|
|
|
|
break;
|
2008-09-24 18:52:46 +02:00
|
|
|
case RTE_VALUES:
|
|
|
|
|
sub_action->hasSubLinks =
|
|
|
|
|
checkExprHasSubLink((Node *) rte->values_lists);
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
/* other RTE types don't contain bare expressions */
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
if (sub_action->hasSubLinks)
|
2009-06-11 16:49:15 +02:00
|
|
|
break; /* no need to keep scanning rtable */
|
2008-09-24 18:52:46 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-11-10 22:16:33 +01:00
|
|
|
/*
|
|
|
|
|
* Also, we might have absorbed some RTEs with RLS conditions into the
|
|
|
|
|
* sub_action. If so, mark it as hasRowSecurity, whether or not those
|
|
|
|
|
* RTEs will be referenced after we finish rewriting. (Note: currently
|
|
|
|
|
* this is a no-op because RLS conditions aren't added till later, but it
|
|
|
|
|
* seems like good future-proofing to do this anyway.)
|
|
|
|
|
*/
|
|
|
|
|
sub_action->hasRowSecurity |= parsetree->hasRowSecurity;
|
|
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
/*
|
|
|
|
|
* Each rule action's jointree should be the main parsetree's jointree
|
2005-10-15 04:49:52 +02:00
|
|
|
* plus that rule's jointree, but usually *without* the original rtindex
|
|
|
|
|
* that we're replacing (if present, which it won't be for INSERT). Note
|
|
|
|
|
* that if the rule action refers to OLD, its jointree will add a
|
|
|
|
|
* reference to rt_index. If the rule action doesn't refer to OLD, but
|
|
|
|
|
* either the rule_qual or the user query quals do, then we need to keep
|
2014-05-06 18:12:18 +02:00
|
|
|
* the original rtindex in the jointree to provide data for the quals. We
|
2005-10-15 04:49:52 +02:00
|
|
|
* don't want the original rtindex to be joined twice, however, so avoid
|
|
|
|
|
* keeping it if the rule action mentions it.
|
2001-06-12 20:54:22 +02:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* As above, the action's jointree must not share substructure with the
|
|
|
|
|
* main parsetree's.
|
2000-12-05 20:15:10 +01:00
|
|
|
*/
|
2003-07-16 19:25:48 +02:00
|
|
|
if (sub_action->commandType != CMD_UTILITY)
|
2000-12-05 20:15:10 +01:00
|
|
|
{
|
2001-03-22 05:01:46 +01:00
|
|
|
bool keeporig;
|
|
|
|
|
List *newjointree;
|
2001-01-27 05:40:59 +01:00
|
|
|
|
2003-07-16 19:25:48 +02:00
|
|
|
Assert(sub_action->jointree != NULL);
|
2001-03-22 05:01:46 +01:00
|
|
|
keeporig = (!rangeTableEntry_used((Node *) sub_action->jointree,
|
|
|
|
|
rt_index, 0)) &&
|
2001-06-13 20:56:30 +02:00
|
|
|
(rangeTableEntry_used(rule_qual, rt_index, 0) ||
|
2005-10-15 04:49:52 +02:00
|
|
|
rangeTableEntry_used(parsetree->jointree->quals, rt_index, 0));
|
2001-01-27 05:40:59 +01:00
|
|
|
newjointree = adjustJoinTreeList(parsetree, !keeporig, rt_index);
|
2003-07-16 19:25:48 +02:00
|
|
|
if (newjointree != NIL)
|
|
|
|
|
{
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* If sub_action is a setop, manipulating its jointree will do no
|
2014-05-06 18:12:18 +02:00
|
|
|
* good at all, because the jointree is dummy. (Perhaps someday
|
2005-10-15 04:49:52 +02:00
|
|
|
* we could push the joining and quals down to the member
|
|
|
|
|
* statements of the setop?)
|
2003-07-16 19:25:48 +02:00
|
|
|
*/
|
|
|
|
|
if (sub_action->setOperations != NULL)
|
2003-07-25 02:01:09 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("conditional UNION/INTERSECT/EXCEPT statements are not implemented")));
|
2003-07-16 19:25:48 +02:00
|
|
|
|
|
|
|
|
sub_action->jointree->fromlist =
|
2004-05-31 01:40:41 +02:00
|
|
|
list_concat(newjointree, sub_action->jointree->fromlist);
|
2005-11-23 18:21:04 +01:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* There could have been some SubLinks in newjointree, in which
|
|
|
|
|
* case we'd better mark the sub_action correctly.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->hasSubLinks && !sub_action->hasSubLinks)
|
|
|
|
|
sub_action->hasSubLinks =
|
|
|
|
|
checkExprHasSubLink((Node *) newjointree);
|
2003-07-16 19:25:48 +02:00
|
|
|
}
|
2000-12-05 20:15:10 +01:00
|
|
|
}
|
|
|
|
|
|
2011-06-07 06:08:31 +02:00
|
|
|
/*
|
2011-06-09 20:32:50 +02:00
|
|
|
* If the original query has any CTEs, copy them into the rule action. But
|
|
|
|
|
* we don't need them for a utility action.
|
2011-06-07 06:08:31 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->cteList != NIL && sub_action->commandType != CMD_UTILITY)
|
|
|
|
|
{
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
|
|
|
|
/*
|
2011-06-09 20:32:50 +02:00
|
|
|
* Annoying implementation restriction: because CTEs are identified by
|
|
|
|
|
* name within a cteList, we can't merge a CTE from the original query
|
|
|
|
|
* if it has the same name as any CTE in the rule action.
|
2011-06-07 06:08:31 +02:00
|
|
|
*
|
|
|
|
|
* This could possibly be fixed by using some sort of internally
|
|
|
|
|
* generated ID, instead of names, to link CTE RTEs to their CTEs.
|
|
|
|
|
*/
|
|
|
|
|
foreach(lc, parsetree->cteList)
|
|
|
|
|
{
|
|
|
|
|
CommonTableExpr *cte = (CommonTableExpr *) lfirst(lc);
|
|
|
|
|
ListCell *lc2;
|
|
|
|
|
|
|
|
|
|
foreach(lc2, sub_action->cteList)
|
|
|
|
|
{
|
|
|
|
|
CommonTableExpr *cte2 = (CommonTableExpr *) lfirst(lc2);
|
|
|
|
|
|
|
|
|
|
if (strcmp(cte->ctename, cte2->ctename) == 0)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("WITH query name \"%s\" appears in both a rule action and the query being rewritten",
|
|
|
|
|
cte->ctename)));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* OK, it's safe to combine the CTE lists */
|
|
|
|
|
sub_action->cteList = list_concat(sub_action->cteList,
|
|
|
|
|
copyObject(parsetree->cteList));
|
|
|
|
|
}
|
|
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Event Qualification forces copying of parsetree and splitting into two
|
|
|
|
|
* queries one w/rule_qual, one w/NOT rule_qual. Also add user query qual
|
|
|
|
|
* onto rule action
|
2000-12-05 20:15:10 +01:00
|
|
|
*/
|
2001-06-13 20:56:30 +02:00
|
|
|
AddQual(sub_action, rule_qual);
|
2000-12-05 20:15:10 +01:00
|
|
|
|
|
|
|
|
AddQual(sub_action, parsetree->jointree->quals);
|
|
|
|
|
|
|
|
|
|
/*
|
2012-11-08 22:52:49 +01:00
|
|
|
* Rewrite new.attribute with right hand side of target-list entry for
|
2001-03-22 05:01:46 +01:00
|
|
|
* appropriate field name in insert/update.
|
2000-12-05 20:15:10 +01:00
|
|
|
*
|
2012-11-08 22:52:49 +01:00
|
|
|
* KLUGE ALERT: since ReplaceVarsFromTargetList returns a mutated copy, we
|
|
|
|
|
* can't just apply it to sub_action; we have to remember to update the
|
|
|
|
|
* sublink inside rule_action, too.
|
2000-12-05 20:15:10 +01:00
|
|
|
*/
|
2004-08-07 19:40:49 +02:00
|
|
|
if ((event == CMD_INSERT || event == CMD_UPDATE) &&
|
|
|
|
|
sub_action->commandType != CMD_UTILITY)
|
2000-12-05 20:15:10 +01:00
|
|
|
{
|
2012-11-08 22:52:49 +01:00
|
|
|
sub_action = (Query *)
|
|
|
|
|
ReplaceVarsFromTargetList((Node *) sub_action,
|
|
|
|
|
new_varno,
|
|
|
|
|
0,
|
|
|
|
|
rt_fetch(new_varno, sub_action->rtable),
|
|
|
|
|
parsetree->targetList,
|
|
|
|
|
(event == CMD_UPDATE) ?
|
|
|
|
|
REPLACEVARS_CHANGE_VARNO :
|
|
|
|
|
REPLACEVARS_SUBSTITUTE_NULL,
|
|
|
|
|
current_varno,
|
|
|
|
|
NULL);
|
2000-12-05 20:15:10 +01:00
|
|
|
if (sub_action_ptr)
|
|
|
|
|
*sub_action_ptr = sub_action;
|
|
|
|
|
else
|
2001-06-13 20:56:30 +02:00
|
|
|
rule_action = sub_action;
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
2000-12-05 20:15:10 +01:00
|
|
|
|
2006-09-02 19:06:52 +02:00
|
|
|
/*
|
2006-10-04 02:30:14 +02:00
|
|
|
* If rule_action has a RETURNING clause, then either throw it away if the
|
|
|
|
|
* triggering query has no RETURNING clause, or rewrite it to emit what
|
|
|
|
|
* the triggering query's RETURNING clause asks for. Throw an error if
|
|
|
|
|
* more than one rule has a RETURNING clause.
|
2006-09-02 19:06:52 +02:00
|
|
|
*/
|
|
|
|
|
if (!parsetree->returningList)
|
|
|
|
|
rule_action->returningList = NIL;
|
|
|
|
|
else if (rule_action->returningList)
|
|
|
|
|
{
|
|
|
|
|
if (*returning_flag)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2006-10-04 02:30:14 +02:00
|
|
|
errmsg("cannot have RETURNING lists in multiple rules")));
|
2006-09-02 19:06:52 +02:00
|
|
|
*returning_flag = true;
|
|
|
|
|
rule_action->returningList = (List *)
|
2012-11-08 22:52:49 +01:00
|
|
|
ReplaceVarsFromTargetList((Node *) parsetree->returningList,
|
|
|
|
|
parsetree->resultRelation,
|
|
|
|
|
0,
|
|
|
|
|
rt_fetch(parsetree->resultRelation,
|
|
|
|
|
parsetree->rtable),
|
|
|
|
|
rule_action->returningList,
|
|
|
|
|
REPLACEVARS_REPORT_ERROR,
|
|
|
|
|
0,
|
|
|
|
|
&rule_action->hasSubLinks);
|
2008-09-24 18:52:46 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* There could have been some SubLinks in parsetree's returningList,
|
|
|
|
|
* in which case we'd better mark the rule_action correctly.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->hasSubLinks && !rule_action->hasSubLinks)
|
|
|
|
|
rule_action->hasSubLinks =
|
2009-06-11 16:49:15 +02:00
|
|
|
checkExprHasSubLink((Node *) rule_action->returningList);
|
2006-09-02 19:06:52 +02:00
|
|
|
}
|
|
|
|
|
|
2001-06-13 20:56:30 +02:00
|
|
|
return rule_action;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
/*
|
2001-01-27 05:40:59 +01:00
|
|
|
* Copy the query's jointree list, and optionally attempt to remove any
|
|
|
|
|
* occurrence of the given rt_index as a top-level join item (we do not look
|
|
|
|
|
* for it within join items; this is OK because we are only expecting to find
|
|
|
|
|
* it as an UPDATE or DELETE target relation, which will be at the top level
|
2001-06-12 20:54:22 +02:00
|
|
|
* of the join). Returns modified jointree list --- this is a separate copy
|
|
|
|
|
* sharing no nodes with the original.
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
2000-09-12 23:07:18 +02:00
|
|
|
static List *
|
2001-01-27 05:40:59 +01:00
|
|
|
adjustJoinTreeList(Query *parsetree, bool removert, int rt_index)
|
2000-04-12 19:17:23 +02:00
|
|
|
{
|
2001-06-12 20:54:22 +02:00
|
|
|
List *newjointree = copyObject(parsetree->jointree->fromlist);
|
2004-05-26 06:41:50 +02:00
|
|
|
ListCell *l;
|
1999-10-01 06:08:24 +02:00
|
|
|
|
2001-01-27 05:40:59 +01:00
|
|
|
if (removert)
|
1999-05-25 18:15:34 +02:00
|
|
|
{
|
2004-05-26 06:41:50 +02:00
|
|
|
foreach(l, newjointree)
|
2000-09-12 23:07:18 +02:00
|
|
|
{
|
2004-05-26 06:41:50 +02:00
|
|
|
RangeTblRef *rtr = lfirst(l);
|
2001-01-27 05:40:59 +01:00
|
|
|
|
2002-12-17 02:18:35 +01:00
|
|
|
if (IsA(rtr, RangeTblRef) &&
|
|
|
|
|
rtr->rtindex == rt_index)
|
2001-01-27 05:40:59 +01:00
|
|
|
{
|
2004-05-31 01:40:41 +02:00
|
|
|
newjointree = list_delete_ptr(newjointree, rtr);
|
2004-08-29 07:07:03 +02:00
|
|
|
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* foreach is safe because we exit loop after list_delete...
|
2004-08-29 07:07:03 +02:00
|
|
|
*/
|
2001-01-27 05:40:59 +01:00
|
|
|
break;
|
|
|
|
|
}
|
2000-09-12 23:07:18 +02:00
|
|
|
}
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
2000-09-12 23:07:18 +02:00
|
|
|
return newjointree;
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
1998-08-24 03:38:11 +02:00
|
|
|
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2002-04-05 07:47:05 +02:00
|
|
|
/*
|
2010-10-10 19:43:33 +02:00
|
|
|
* rewriteTargetListIU - rewrite INSERT/UPDATE targetlist into standard form
|
2002-04-05 07:47:05 +02:00
|
|
|
*
|
|
|
|
|
* This has the following responsibilities:
|
|
|
|
|
*
|
|
|
|
|
* 1. For an INSERT, add tlist entries to compute default values for any
|
|
|
|
|
* attributes that have defaults and are not assigned to in the given tlist.
|
|
|
|
|
* (We do not insert anything for default-less attributes, however. The
|
|
|
|
|
* planner will later insert NULLs for them, but there's no reason to slow
|
2003-07-03 18:34:26 +02:00
|
|
|
* down rewriter processing with extra tlist nodes.) Also, for both INSERT
|
|
|
|
|
* and UPDATE, replace explicit DEFAULT specifications with column default
|
|
|
|
|
* expressions.
|
2002-04-05 07:47:05 +02:00
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* 2. For an UPDATE on a trigger-updatable view, add tlist entries for any
|
|
|
|
|
* unassigned-to attributes, assigning them their old values. These will
|
|
|
|
|
* later get expanded to the output values of the view. (This is equivalent
|
|
|
|
|
* to what the planner's expand_targetlist() will do for UPDATE on a regular
|
|
|
|
|
* table, but it's more convenient to do it here while we still have easy
|
|
|
|
|
* access to the view's original RT index.) This is only necessary for
|
|
|
|
|
* trigger-updatable views, for which the view remains the result relation of
|
|
|
|
|
* the query. For auto-updatable views we must not do this, since it might
|
|
|
|
|
* add assignments to non-updatable view columns. For rule-updatable views it
|
|
|
|
|
* is unnecessary extra work, since the query will be rewritten with a
|
|
|
|
|
* different result relation which will be processed when we recurse via
|
|
|
|
|
* RewriteQuery.
|
2010-10-10 19:43:33 +02:00
|
|
|
*
|
|
|
|
|
* 3. Merge multiple entries for the same target attribute, or declare error
|
2004-06-09 21:08:20 +02:00
|
|
|
* if we can't. Multiple entries are only allowed for INSERT/UPDATE of
|
|
|
|
|
* portions of an array or record field, for example
|
|
|
|
|
* UPDATE table SET foo[2] = 42, foo[4] = 43;
|
2002-04-05 07:47:05 +02:00
|
|
|
* We can merge such operations into a single assignment op. Essentially,
|
|
|
|
|
* the expression we want to produce in this case is like
|
Rationalize the APIs of array element/slice access functions.
The four functions array_ref, array_set, array_get_slice, array_set_slice
have traditionally declared their array inputs and results as being of type
"ArrayType *". This is a lie, and has been since Berkeley days, because
they actually also support "fixed-length array" types such as "name" and
"point"; not to mention that the inputs could be toasted. These values
should be declared Datum instead to avoid confusion. The current coding
already risks possible misoptimization by compilers, and it'll get worse
when "expanded" array representations become a valid alternative.
However, there's a fair amount of code using array_ref and array_set with
arrays that *are* known to be ArrayType structures, and there might be more
such places in third-party code. Rather than cluttering those call sites
with PointerGetDatum/DatumGetArrayTypeP cruft, what I did was to rename the
existing functions to array_get_element/array_set_element, fix their
signatures, then reincarnate array_ref/array_set as backwards compatibility
wrappers.
array_get_slice/array_set_slice have no such constituency in the core code,
and probably not in third-party code either, so I just changed their APIs.
2015-02-16 18:23:58 +01:00
|
|
|
* foo = array_set_element(array_set_element(foo, 2, 42), 4, 43)
|
2002-04-05 07:47:05 +02:00
|
|
|
*
|
2010-10-10 19:43:33 +02:00
|
|
|
* 4. Sort the tlist into standard order: non-junk fields in order by resno,
|
2002-04-05 07:47:05 +02:00
|
|
|
* then junk fields (these in no particular order).
|
|
|
|
|
*
|
2010-10-10 19:43:33 +02:00
|
|
|
* We must do items 1,2,3 before firing rewrite rules, else rewritten
|
2014-05-06 18:12:18 +02:00
|
|
|
* references to NEW.foo will produce wrong or incomplete results. Item 4
|
2002-04-05 07:47:05 +02:00
|
|
|
* is not needed for rewriting, but will be needed by the planner, and we
|
2010-10-10 19:43:33 +02:00
|
|
|
* can do it essentially for free while handling the other items.
|
2006-08-02 03:59:48 +02:00
|
|
|
*
|
|
|
|
|
* If attrno_list isn't NULL, we return an additional output besides the
|
|
|
|
|
* rewritten targetlist: an integer list of the assigned-to attnums, in
|
|
|
|
|
* order of the original tlist's non-junk entries. This is needed for
|
|
|
|
|
* processing VALUES RTEs.
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
2015-05-24 03:35:49 +02:00
|
|
|
static List *
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
rewriteTargetListIU(List *targetList,
|
|
|
|
|
CmdType commandType,
|
2017-04-06 14:33:16 +02:00
|
|
|
OverridingKind override,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
Relation target_relation,
|
|
|
|
|
int result_rti,
|
2010-10-10 19:43:33 +02:00
|
|
|
List **attrno_list)
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
2005-03-26 06:53:01 +01:00
|
|
|
TargetEntry **new_tles;
|
2002-04-05 07:47:05 +02:00
|
|
|
List *new_tlist = NIL;
|
2005-03-26 06:53:01 +01:00
|
|
|
List *junk_tlist = NIL;
|
|
|
|
|
Form_pg_attribute att_tup;
|
2002-04-05 07:47:05 +02:00
|
|
|
int attrno,
|
2005-03-26 06:53:01 +01:00
|
|
|
next_junk_attrno,
|
2002-04-05 07:47:05 +02:00
|
|
|
numattrs;
|
2004-05-26 06:41:50 +02:00
|
|
|
ListCell *temp;
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2006-08-02 03:59:48 +02:00
|
|
|
if (attrno_list) /* initialize optional result list */
|
|
|
|
|
*attrno_list = NIL;
|
|
|
|
|
|
2002-04-05 07:47:05 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* We process the normal (non-junk) attributes by scanning the input tlist
|
|
|
|
|
* once and transferring TLEs into an array, then scanning the array to
|
|
|
|
|
* build an output tlist. This avoids O(N^2) behavior for large numbers
|
|
|
|
|
* of attributes.
|
2005-03-26 06:53:01 +01:00
|
|
|
*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Junk attributes are tossed into a separate list during the same tlist
|
|
|
|
|
* scan, then appended to the reconstructed tlist.
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
|
|
|
|
numattrs = RelationGetNumberOfAttributes(target_relation);
|
2005-03-26 06:53:01 +01:00
|
|
|
new_tles = (TargetEntry **) palloc0(numattrs * sizeof(TargetEntry *));
|
|
|
|
|
next_junk_attrno = numattrs + 1;
|
2002-04-05 07:47:05 +02:00
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
foreach(temp, targetList)
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
2005-03-26 06:53:01 +01:00
|
|
|
TargetEntry *old_tle = (TargetEntry *) lfirst(temp);
|
2002-08-02 20:15:10 +02:00
|
|
|
|
2005-04-06 18:34:07 +02:00
|
|
|
if (!old_tle->resjunk)
|
2005-03-26 06:53:01 +01:00
|
|
|
{
|
|
|
|
|
/* Normal attr: stash it into new_tles[] */
|
2005-04-06 18:34:07 +02:00
|
|
|
attrno = old_tle->resno;
|
2005-03-26 06:53:01 +01:00
|
|
|
if (attrno < 1 || attrno > numattrs)
|
|
|
|
|
elog(ERROR, "bogus resno %d in targetlist", attrno);
|
|
|
|
|
att_tup = target_relation->rd_att->attrs[attrno - 1];
|
|
|
|
|
|
2006-08-02 03:59:48 +02:00
|
|
|
/* put attrno into attrno_list even if it's dropped */
|
|
|
|
|
if (attrno_list)
|
|
|
|
|
*attrno_list = lappend_int(*attrno_list, attrno);
|
|
|
|
|
|
2005-03-26 06:53:01 +01:00
|
|
|
/* We can (and must) ignore deleted attributes */
|
|
|
|
|
if (att_tup->attisdropped)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
/* Merge with any prior assignment to same attribute */
|
|
|
|
|
new_tles[attrno - 1] =
|
|
|
|
|
process_matched_tle(old_tle,
|
|
|
|
|
new_tles[attrno - 1],
|
|
|
|
|
NameStr(att_tup->attname));
|
|
|
|
|
}
|
|
|
|
|
else
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
2005-03-26 06:53:01 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Copy all resjunk tlist entries to junk_tlist, and assign them
|
|
|
|
|
* resnos above the last real resno.
|
2005-03-26 06:53:01 +01:00
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* Typical junk entries include ORDER BY or GROUP BY expressions
|
|
|
|
|
* (are these actually possible in an INSERT or UPDATE?), system
|
2005-03-26 06:53:01 +01:00
|
|
|
* attribute references, etc.
|
|
|
|
|
*/
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2005-03-26 06:53:01 +01:00
|
|
|
/* Get the resno right, but don't copy unnecessarily */
|
2005-04-06 18:34:07 +02:00
|
|
|
if (old_tle->resno != next_junk_attrno)
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
2005-04-06 18:34:07 +02:00
|
|
|
old_tle = flatCopyTargetEntry(old_tle);
|
|
|
|
|
old_tle->resno = next_junk_attrno;
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
2005-03-26 06:53:01 +01:00
|
|
|
junk_tlist = lappend(junk_tlist, old_tle);
|
|
|
|
|
next_junk_attrno++;
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
2005-03-26 06:53:01 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
for (attrno = 1; attrno <= numattrs; attrno++)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *new_tle = new_tles[attrno - 1];
|
2017-04-06 14:33:16 +02:00
|
|
|
bool apply_default;
|
2005-03-26 06:53:01 +01:00
|
|
|
|
|
|
|
|
att_tup = target_relation->rd_att->attrs[attrno - 1];
|
|
|
|
|
|
|
|
|
|
/* We can (and must) ignore deleted attributes */
|
|
|
|
|
if (att_tup->attisdropped)
|
|
|
|
|
continue;
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2003-07-03 18:34:26 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Handle the two cases where we need to insert a default expression:
|
|
|
|
|
* it's an INSERT and there's no tlist entry for the column, or the
|
|
|
|
|
* tlist entry is a DEFAULT placeholder node.
|
2003-07-03 18:34:26 +02:00
|
|
|
*/
|
2017-04-06 14:33:16 +02:00
|
|
|
apply_default = ((new_tle == NULL && commandType == CMD_INSERT) ||
|
|
|
|
|
(new_tle && new_tle->expr && IsA(new_tle->expr, SetToDefault)));
|
|
|
|
|
|
|
|
|
|
if (commandType == CMD_INSERT)
|
|
|
|
|
{
|
|
|
|
|
if (att_tup->attidentity == ATTRIBUTE_IDENTITY_ALWAYS && !apply_default)
|
|
|
|
|
{
|
|
|
|
|
if (override != OVERRIDING_SYSTEM_VALUE)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_GENERATED_ALWAYS),
|
|
|
|
|
errmsg("cannot insert into column \"%s\"", NameStr(att_tup->attname)),
|
|
|
|
|
errdetail("Column \"%s\" is an identity column defined as GENERATED ALWAYS.",
|
|
|
|
|
NameStr(att_tup->attname)),
|
|
|
|
|
errhint("Use OVERRIDING SYSTEM VALUE to override.")));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (att_tup->attidentity == ATTRIBUTE_IDENTITY_BY_DEFAULT && override == OVERRIDING_USER_VALUE)
|
|
|
|
|
apply_default = true;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (commandType == CMD_UPDATE)
|
|
|
|
|
{
|
|
|
|
|
if (att_tup->attidentity == ATTRIBUTE_IDENTITY_ALWAYS && !apply_default)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_GENERATED_ALWAYS),
|
|
|
|
|
errmsg("column \"%s\" can only be updated to DEFAULT", NameStr(att_tup->attname)),
|
|
|
|
|
errdetail("Column \"%s\" is an identity column defined as GENERATED ALWAYS.",
|
|
|
|
|
NameStr(att_tup->attname))));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (apply_default)
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
|
|
|
|
Node *new_expr;
|
|
|
|
|
|
2017-04-06 14:33:16 +02:00
|
|
|
if (att_tup->attidentity)
|
|
|
|
|
{
|
|
|
|
|
NextValueExpr *nve = makeNode(NextValueExpr);
|
|
|
|
|
|
|
|
|
|
nve->seqid = getOwnedSequence(RelationGetRelid(target_relation), attrno);
|
|
|
|
|
nve->typeId = att_tup->atttypid;
|
|
|
|
|
|
|
|
|
|
new_expr = (Node *) nve;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
new_expr = build_column_default(target_relation, attrno);
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2003-07-03 18:34:26 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* If there is no default (ie, default is effectively NULL), we
|
|
|
|
|
* can omit the tlist entry in the INSERT case, since the planner
|
|
|
|
|
* can insert a NULL for itself, and there's no point in spending
|
|
|
|
|
* any more rewriter cycles on the entry. But in the UPDATE case
|
|
|
|
|
* we've got to explicitly set the column to NULL.
|
2003-07-03 18:34:26 +02:00
|
|
|
*/
|
|
|
|
|
if (!new_expr)
|
|
|
|
|
{
|
|
|
|
|
if (commandType == CMD_INSERT)
|
|
|
|
|
new_tle = NULL;
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
new_expr = (Node *) makeConst(att_tup->atttypid,
|
2007-03-17 01:11:05 +01:00
|
|
|
-1,
|
2011-03-26 01:10:42 +01:00
|
|
|
att_tup->attcollation,
|
2003-07-03 18:34:26 +02:00
|
|
|
att_tup->attlen,
|
|
|
|
|
(Datum) 0,
|
|
|
|
|
true, /* isnull */
|
|
|
|
|
att_tup->attbyval);
|
|
|
|
|
/* this is to catch a NOT NULL domain constraint */
|
|
|
|
|
new_expr = coerce_to_domain(new_expr,
|
2006-04-06 00:11:58 +02:00
|
|
|
InvalidOid, -1,
|
2003-07-03 18:34:26 +02:00
|
|
|
att_tup->atttypid,
|
2004-06-16 03:27:00 +02:00
|
|
|
COERCE_IMPLICIT_CAST,
|
2008-08-29 01:09:48 +02:00
|
|
|
-1,
|
2004-11-06 18:46:38 +01:00
|
|
|
false,
|
2004-06-16 03:27:00 +02:00
|
|
|
false);
|
2003-07-03 18:34:26 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2002-04-05 07:47:05 +02:00
|
|
|
if (new_expr)
|
2005-04-06 18:34:07 +02:00
|
|
|
new_tle = makeTargetEntry((Expr *) new_expr,
|
|
|
|
|
attrno,
|
|
|
|
|
pstrdup(NameStr(att_tup->attname)),
|
|
|
|
|
false);
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
|
|
|
|
|
2010-10-10 19:43:33 +02:00
|
|
|
/*
|
2013-10-18 16:35:36 +02:00
|
|
|
* For an UPDATE on a trigger-updatable view, provide a dummy entry
|
|
|
|
|
* whenever there is no explicit assignment.
|
2010-10-10 19:43:33 +02:00
|
|
|
*/
|
|
|
|
|
if (new_tle == NULL && commandType == CMD_UPDATE &&
|
2013-10-18 16:35:36 +02:00
|
|
|
target_relation->rd_rel->relkind == RELKIND_VIEW &&
|
|
|
|
|
view_has_instead_trigger(target_relation, CMD_UPDATE))
|
2010-10-10 19:43:33 +02:00
|
|
|
{
|
|
|
|
|
Node *new_expr;
|
|
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
new_expr = (Node *) makeVar(result_rti,
|
2010-10-10 19:43:33 +02:00
|
|
|
attrno,
|
|
|
|
|
att_tup->atttypid,
|
|
|
|
|
att_tup->atttypmod,
|
2011-02-08 22:04:18 +01:00
|
|
|
att_tup->attcollation,
|
2010-10-10 19:43:33 +02:00
|
|
|
0);
|
|
|
|
|
|
|
|
|
|
new_tle = makeTargetEntry((Expr *) new_expr,
|
|
|
|
|
attrno,
|
|
|
|
|
pstrdup(NameStr(att_tup->attname)),
|
|
|
|
|
false);
|
|
|
|
|
}
|
|
|
|
|
|
2002-04-05 07:47:05 +02:00
|
|
|
if (new_tle)
|
|
|
|
|
new_tlist = lappend(new_tlist, new_tle);
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-26 06:53:01 +01:00
|
|
|
pfree(new_tles);
|
2002-04-05 07:47:05 +02:00
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
return list_concat(new_tlist, junk_tlist);
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Convert a matched TLE from the original tlist into a correct new TLE.
|
|
|
|
|
*
|
|
|
|
|
* This routine detects and handles multiple assignments to the same target
|
2003-08-12 01:04:50 +02:00
|
|
|
* attribute. (The attribute name is needed only for error messages.)
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
|
|
|
|
static TargetEntry *
|
|
|
|
|
process_matched_tle(TargetEntry *src_tle,
|
2003-08-12 01:04:50 +02:00
|
|
|
TargetEntry *prior_tle,
|
|
|
|
|
const char *attrName)
|
2002-04-05 07:47:05 +02:00
|
|
|
{
|
2005-04-06 18:34:07 +02:00
|
|
|
TargetEntry *result;
|
2004-06-09 21:08:20 +02:00
|
|
|
Node *src_expr;
|
|
|
|
|
Node *prior_expr;
|
|
|
|
|
Node *src_input;
|
|
|
|
|
Node *prior_input;
|
2002-04-05 07:47:05 +02:00
|
|
|
Node *priorbottom;
|
2004-06-09 21:08:20 +02:00
|
|
|
Node *newexpr;
|
2002-04-05 07:47:05 +02:00
|
|
|
|
|
|
|
|
if (prior_tle == NULL)
|
|
|
|
|
{
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Normal case where this is the first assignment to the attribute.
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
|
|
|
|
return src_tle;
|
|
|
|
|
}
|
|
|
|
|
|
2004-06-09 21:08:20 +02:00
|
|
|
/*----------
|
2014-05-06 18:12:18 +02:00
|
|
|
* Multiple assignments to same attribute. Allow only if all are
|
2004-06-09 21:08:20 +02:00
|
|
|
* FieldStore or ArrayRef assignment operations. This is a bit
|
|
|
|
|
* tricky because what we may actually be looking at is a nest of
|
|
|
|
|
* such nodes; consider
|
|
|
|
|
* UPDATE tab SET col.fld1.subfld1 = x, col.fld2.subfld2 = y
|
|
|
|
|
* The two expressions produced by the parser will look like
|
|
|
|
|
* FieldStore(col, fld1, FieldStore(placeholder, subfld1, x))
|
2014-10-03 17:47:27 +02:00
|
|
|
* FieldStore(col, fld2, FieldStore(placeholder, subfld2, y))
|
2004-06-09 21:08:20 +02:00
|
|
|
* However, we can ignore the substructure and just consider the top
|
|
|
|
|
* FieldStore or ArrayRef from each assignment, because it works to
|
|
|
|
|
* combine these as
|
|
|
|
|
* FieldStore(FieldStore(col, fld1,
|
|
|
|
|
* FieldStore(placeholder, subfld1, x)),
|
2014-10-03 17:47:27 +02:00
|
|
|
* fld2, FieldStore(placeholder, subfld2, y))
|
2004-06-09 21:08:20 +02:00
|
|
|
* Note the leftmost expression goes on the inside so that the
|
|
|
|
|
* assignments appear to occur left-to-right.
|
|
|
|
|
*
|
|
|
|
|
* For FieldStore, instead of nesting we can generate a single
|
2014-05-06 18:12:18 +02:00
|
|
|
* FieldStore with multiple target fields. We must nest when
|
2004-06-09 21:08:20 +02:00
|
|
|
* ArrayRefs are involved though.
|
|
|
|
|
*----------
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
2004-06-09 21:08:20 +02:00
|
|
|
src_expr = (Node *) src_tle->expr;
|
|
|
|
|
prior_expr = (Node *) prior_tle->expr;
|
|
|
|
|
src_input = get_assignment_input(src_expr);
|
|
|
|
|
prior_input = get_assignment_input(prior_expr);
|
|
|
|
|
if (src_input == NULL ||
|
|
|
|
|
prior_input == NULL ||
|
|
|
|
|
exprType(src_expr) != exprType(prior_expr))
|
2003-07-25 02:01:09 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_SYNTAX_ERROR),
|
2003-09-25 08:58:07 +02:00
|
|
|
errmsg("multiple assignments to same column \"%s\"",
|
2003-08-12 01:04:50 +02:00
|
|
|
attrName)));
|
2002-04-05 07:47:05 +02:00
|
|
|
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Prior TLE could be a nest of assignments if we do this more than once.
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
2004-06-09 21:08:20 +02:00
|
|
|
priorbottom = prior_input;
|
|
|
|
|
for (;;)
|
|
|
|
|
{
|
2004-08-29 07:07:03 +02:00
|
|
|
Node *newbottom = get_assignment_input(priorbottom);
|
2004-06-09 21:08:20 +02:00
|
|
|
|
|
|
|
|
if (newbottom == NULL)
|
|
|
|
|
break; /* found the original Var reference */
|
|
|
|
|
priorbottom = newbottom;
|
|
|
|
|
}
|
|
|
|
|
if (!equal(priorbottom, src_input))
|
2003-07-25 02:01:09 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_SYNTAX_ERROR),
|
2003-09-25 08:58:07 +02:00
|
|
|
errmsg("multiple assignments to same column \"%s\"",
|
2003-08-12 01:04:50 +02:00
|
|
|
attrName)));
|
2002-04-05 07:47:05 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Looks OK to nest 'em.
|
|
|
|
|
*/
|
2004-06-09 21:08:20 +02:00
|
|
|
if (IsA(src_expr, FieldStore))
|
|
|
|
|
{
|
2004-08-29 07:07:03 +02:00
|
|
|
FieldStore *fstore = makeNode(FieldStore);
|
2004-06-09 21:08:20 +02:00
|
|
|
|
|
|
|
|
if (IsA(prior_expr, FieldStore))
|
|
|
|
|
{
|
|
|
|
|
/* combine the two */
|
|
|
|
|
memcpy(fstore, prior_expr, sizeof(FieldStore));
|
|
|
|
|
fstore->newvals =
|
|
|
|
|
list_concat(list_copy(((FieldStore *) prior_expr)->newvals),
|
2005-10-15 04:49:52 +02:00
|
|
|
list_copy(((FieldStore *) src_expr)->newvals));
|
2004-06-09 21:08:20 +02:00
|
|
|
fstore->fieldnums =
|
|
|
|
|
list_concat(list_copy(((FieldStore *) prior_expr)->fieldnums),
|
2005-10-15 04:49:52 +02:00
|
|
|
list_copy(((FieldStore *) src_expr)->fieldnums));
|
2004-06-09 21:08:20 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* general case, just nest 'em */
|
|
|
|
|
memcpy(fstore, src_expr, sizeof(FieldStore));
|
|
|
|
|
fstore->arg = (Expr *) prior_expr;
|
|
|
|
|
}
|
|
|
|
|
newexpr = (Node *) fstore;
|
|
|
|
|
}
|
|
|
|
|
else if (IsA(src_expr, ArrayRef))
|
|
|
|
|
{
|
|
|
|
|
ArrayRef *aref = makeNode(ArrayRef);
|
|
|
|
|
|
|
|
|
|
memcpy(aref, src_expr, sizeof(ArrayRef));
|
|
|
|
|
aref->refexpr = (Expr *) prior_expr;
|
|
|
|
|
newexpr = (Node *) aref;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
Wording cleanup for error messages. Also change can't -> cannot.
Standard English uses "may", "can", and "might" in different ways:
may - permission, "You may borrow my rake."
can - ability, "I can lift that log."
might - possibility, "It might rain today."
Unfortunately, in conversational English, their use is often mixed, as
in, "You may use this variable to do X", when in fact, "can" is a better
choice. Similarly, "It may crash" is better stated, "It might crash".
2007-02-01 20:10:30 +01:00
|
|
|
elog(ERROR, "cannot happen");
|
2004-06-09 21:08:20 +02:00
|
|
|
newexpr = NULL;
|
|
|
|
|
}
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2005-04-06 18:34:07 +02:00
|
|
|
result = flatCopyTargetEntry(src_tle);
|
|
|
|
|
result->expr = (Expr *) newexpr;
|
|
|
|
|
return result;
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
|
|
|
|
|
2004-06-09 21:08:20 +02:00
|
|
|
/*
|
|
|
|
|
* If node is an assignment node, return its input; else return NULL
|
|
|
|
|
*/
|
|
|
|
|
static Node *
|
|
|
|
|
get_assignment_input(Node *node)
|
|
|
|
|
{
|
|
|
|
|
if (node == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
if (IsA(node, FieldStore))
|
|
|
|
|
{
|
|
|
|
|
FieldStore *fstore = (FieldStore *) node;
|
|
|
|
|
|
|
|
|
|
return (Node *) fstore->arg;
|
|
|
|
|
}
|
|
|
|
|
else if (IsA(node, ArrayRef))
|
|
|
|
|
{
|
|
|
|
|
ArrayRef *aref = (ArrayRef *) node;
|
|
|
|
|
|
|
|
|
|
if (aref->refassgnexpr == NULL)
|
|
|
|
|
return NULL;
|
|
|
|
|
return (Node *) aref->refexpr;
|
|
|
|
|
}
|
|
|
|
|
return NULL;
|
|
|
|
|
}
|
2002-04-05 07:47:05 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Make an expression tree for the default value for a column.
|
|
|
|
|
*
|
|
|
|
|
* If there is no default, return a NULL instead.
|
|
|
|
|
*/
|
2002-07-18 06:43:51 +02:00
|
|
|
Node *
|
2002-04-05 07:47:05 +02:00
|
|
|
build_column_default(Relation rel, int attrno)
|
|
|
|
|
{
|
|
|
|
|
TupleDesc rd_att = rel->rd_att;
|
|
|
|
|
Form_pg_attribute att_tup = rd_att->attrs[attrno - 1];
|
|
|
|
|
Oid atttype = att_tup->atttypid;
|
|
|
|
|
int32 atttypmod = att_tup->atttypmod;
|
|
|
|
|
Node *expr = NULL;
|
|
|
|
|
Oid exprtype;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Scan to see if relation has a default for this column.
|
|
|
|
|
*/
|
|
|
|
|
if (rd_att->constr && rd_att->constr->num_defval > 0)
|
|
|
|
|
{
|
|
|
|
|
AttrDefault *defval = rd_att->constr->defval;
|
|
|
|
|
int ndef = rd_att->constr->num_defval;
|
|
|
|
|
|
|
|
|
|
while (--ndef >= 0)
|
|
|
|
|
{
|
|
|
|
|
if (attrno == defval[ndef].adnum)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* Found it, convert string representation to node tree.
|
|
|
|
|
*/
|
|
|
|
|
expr = stringToNode(defval[ndef].adbin);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (expr == NULL)
|
|
|
|
|
{
|
|
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* No per-column default, so look for a default for the type itself.
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
2004-04-01 23:28:47 +02:00
|
|
|
expr = get_typdefault(atttype);
|
2002-04-05 07:47:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (expr == NULL)
|
|
|
|
|
return NULL; /* No default anywhere */
|
|
|
|
|
|
|
|
|
|
/*
|
2003-07-29 19:21:27 +02:00
|
|
|
* Make sure the value is coerced to the target column type; this will
|
|
|
|
|
* generally be true already, but there seem to be some corner cases
|
2005-10-15 04:49:52 +02:00
|
|
|
* involving domain defaults where it might not be true. This should match
|
|
|
|
|
* the parser's processing of non-defaulted expressions --- see
|
2006-08-02 03:59:48 +02:00
|
|
|
* transformAssignedExpr().
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
|
|
|
|
exprtype = exprType(expr);
|
|
|
|
|
|
2003-08-04 02:43:34 +02:00
|
|
|
expr = coerce_to_target_type(NULL, /* no UNKNOWN params here */
|
2003-04-30 00:13:11 +02:00
|
|
|
expr, exprtype,
|
Extend pg_cast castimplicit column to a three-way value; this allows us
to be flexible about assignment casts without introducing ambiguity in
operator/function resolution. Introduce a well-defined promotion hierarchy
for numeric datatypes (int2->int4->int8->numeric->float4->float8).
Change make_const to initially label numeric literals as int4, int8, or
numeric (never float8 anymore).
Explicitly mark Func and RelabelType nodes to indicate whether they came
from a function call, explicit cast, or implicit cast; use this to do
reverse-listing more accurately and without so many heuristics.
Explicit casts to char, varchar, bit, varbit will truncate or pad without
raising an error (the pre-7.2 behavior), while assigning to a column without
any explicit cast will still raise an error for wrong-length data like 7.3.
This more nearly follows the SQL spec than 7.2 behavior (we should be
reporting a 'completion condition' in the explicit-cast cases, but we have
no mechanism for that, so just do silent truncation).
Fix some problems with enforcement of typmod for array elements;
it didn't work at all in 'UPDATE ... SET array[n] = foo', for example.
Provide a generalized array_length_coerce() function to replace the
specialized per-array-type functions that used to be needed (and were
missing for NUMERIC as well as all the datetime types).
Add missing conversions int8<->float4, text<->numeric, oid<->int8.
initdb forced.
2002-09-18 23:35:25 +02:00
|
|
|
atttype, atttypmod,
|
|
|
|
|
COERCION_ASSIGNMENT,
|
2008-08-29 01:09:48 +02:00
|
|
|
COERCE_IMPLICIT_CAST,
|
|
|
|
|
-1);
|
Extend pg_cast castimplicit column to a three-way value; this allows us
to be flexible about assignment casts without introducing ambiguity in
operator/function resolution. Introduce a well-defined promotion hierarchy
for numeric datatypes (int2->int4->int8->numeric->float4->float8).
Change make_const to initially label numeric literals as int4, int8, or
numeric (never float8 anymore).
Explicitly mark Func and RelabelType nodes to indicate whether they came
from a function call, explicit cast, or implicit cast; use this to do
reverse-listing more accurately and without so many heuristics.
Explicit casts to char, varchar, bit, varbit will truncate or pad without
raising an error (the pre-7.2 behavior), while assigning to a column without
any explicit cast will still raise an error for wrong-length data like 7.3.
This more nearly follows the SQL spec than 7.2 behavior (we should be
reporting a 'completion condition' in the explicit-cast cases, but we have
no mechanism for that, so just do silent truncation).
Fix some problems with enforcement of typmod for array elements;
it didn't work at all in 'UPDATE ... SET array[n] = foo', for example.
Provide a generalized array_length_coerce() function to replace the
specialized per-array-type functions that used to be needed (and were
missing for NUMERIC as well as all the datetime types).
Add missing conversions int8<->float4, text<->numeric, oid<->int8.
initdb forced.
2002-09-18 23:35:25 +02:00
|
|
|
if (expr == NULL)
|
2003-07-25 02:01:09 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_DATATYPE_MISMATCH),
|
|
|
|
|
errmsg("column \"%s\" is of type %s"
|
|
|
|
|
" but default expression is of type %s",
|
|
|
|
|
NameStr(att_tup->attname),
|
|
|
|
|
format_type_be(atttype),
|
|
|
|
|
format_type_be(exprtype)),
|
2005-10-15 04:49:52 +02:00
|
|
|
errhint("You will need to rewrite or cast the expression.")));
|
2002-04-05 07:47:05 +02:00
|
|
|
|
|
|
|
|
return expr;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2006-08-02 03:59:48 +02:00
|
|
|
/* Does VALUES RTE contain any SetToDefault items? */
|
|
|
|
|
static bool
|
|
|
|
|
searchForDefault(RangeTblEntry *rte)
|
|
|
|
|
{
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
|
|
|
|
foreach(lc, rte->values_lists)
|
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
List *sublist = (List *) lfirst(lc);
|
|
|
|
|
ListCell *lc2;
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
foreach(lc2, sublist)
|
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
Node *col = (Node *) lfirst(lc2);
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
if (IsA(col, SetToDefault))
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* When processing INSERT ... VALUES with a VALUES RTE (ie, multiple VALUES
|
|
|
|
|
* lists), we have to replace any DEFAULT items in the VALUES lists with
|
2010-10-10 19:43:33 +02:00
|
|
|
* the appropriate default expressions. The other aspects of targetlist
|
|
|
|
|
* rewriting need be applied only to the query's targetlist proper.
|
2006-08-02 03:59:48 +02:00
|
|
|
*
|
|
|
|
|
* Note that we currently can't support subscripted or field assignment
|
|
|
|
|
* in the multi-VALUES case. The targetlist will contain simple Vars
|
|
|
|
|
* referencing the VALUES RTE, and therefore process_matched_tle() will
|
|
|
|
|
* reject any such attempt with "multiple assignments to same column".
|
|
|
|
|
*/
|
|
|
|
|
static void
|
|
|
|
|
rewriteValuesRTE(RangeTblEntry *rte, Relation target_relation, List *attrnos)
|
|
|
|
|
{
|
|
|
|
|
List *newValues;
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Rebuilding all the lists is a pretty expensive proposition in a big
|
|
|
|
|
* VALUES list, and it's a waste of time if there aren't any DEFAULT
|
|
|
|
|
* placeholders. So first scan to see if there are any.
|
|
|
|
|
*/
|
|
|
|
|
if (!searchForDefault(rte))
|
|
|
|
|
return; /* nothing to do */
|
|
|
|
|
|
|
|
|
|
/* Check list lengths (we can assume all the VALUES sublists are alike) */
|
|
|
|
|
Assert(list_length(attrnos) == list_length(linitial(rte->values_lists)));
|
|
|
|
|
|
|
|
|
|
newValues = NIL;
|
|
|
|
|
foreach(lc, rte->values_lists)
|
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
List *sublist = (List *) lfirst(lc);
|
|
|
|
|
List *newList = NIL;
|
|
|
|
|
ListCell *lc2;
|
|
|
|
|
ListCell *lc3;
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
forboth(lc2, sublist, lc3, attrnos)
|
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
Node *col = (Node *) lfirst(lc2);
|
|
|
|
|
int attrno = lfirst_int(lc3);
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
if (IsA(col, SetToDefault))
|
|
|
|
|
{
|
|
|
|
|
Form_pg_attribute att_tup;
|
|
|
|
|
Node *new_expr;
|
|
|
|
|
|
|
|
|
|
att_tup = target_relation->rd_att->attrs[attrno - 1];
|
|
|
|
|
|
|
|
|
|
if (!att_tup->attisdropped)
|
|
|
|
|
new_expr = build_column_default(target_relation, attrno);
|
|
|
|
|
else
|
2006-10-04 02:30:14 +02:00
|
|
|
new_expr = NULL; /* force a NULL if dropped */
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If there is no default (ie, default is effectively NULL),
|
|
|
|
|
* we've got to explicitly set the column to NULL.
|
|
|
|
|
*/
|
|
|
|
|
if (!new_expr)
|
|
|
|
|
{
|
|
|
|
|
new_expr = (Node *) makeConst(att_tup->atttypid,
|
2007-03-17 01:11:05 +01:00
|
|
|
-1,
|
2011-03-26 01:10:42 +01:00
|
|
|
att_tup->attcollation,
|
2006-08-02 03:59:48 +02:00
|
|
|
att_tup->attlen,
|
|
|
|
|
(Datum) 0,
|
|
|
|
|
true, /* isnull */
|
|
|
|
|
att_tup->attbyval);
|
|
|
|
|
/* this is to catch a NOT NULL domain constraint */
|
|
|
|
|
new_expr = coerce_to_domain(new_expr,
|
|
|
|
|
InvalidOid, -1,
|
|
|
|
|
att_tup->atttypid,
|
|
|
|
|
COERCE_IMPLICIT_CAST,
|
2008-08-29 01:09:48 +02:00
|
|
|
-1,
|
2006-08-02 03:59:48 +02:00
|
|
|
false,
|
|
|
|
|
false);
|
|
|
|
|
}
|
|
|
|
|
newList = lappend(newList, new_expr);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
newList = lappend(newList, col);
|
|
|
|
|
}
|
|
|
|
|
newValues = lappend(newValues, newList);
|
|
|
|
|
}
|
|
|
|
|
rte->values_lists = newValues;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2010-10-10 19:43:33 +02:00
|
|
|
/*
|
|
|
|
|
* rewriteTargetListUD - rewrite UPDATE/DELETE targetlist as needed
|
|
|
|
|
*
|
|
|
|
|
* This function adds a "junk" TLE that is needed to allow the executor to
|
2014-05-06 18:12:18 +02:00
|
|
|
* find the original row for the update or delete. When the target relation
|
2010-10-10 19:43:33 +02:00
|
|
|
* is a regular table, the junk TLE emits the ctid attribute of the original
|
|
|
|
|
* row. When the target relation is a view, there is no ctid, so we instead
|
|
|
|
|
* emit a whole-row Var that will contain the "old" values of the view row.
|
2013-03-10 19:14:53 +01:00
|
|
|
* If it's a foreign table, we let the FDW decide what to add.
|
2010-10-10 19:43:33 +02:00
|
|
|
*
|
|
|
|
|
* For UPDATE queries, this is applied after rewriteTargetListIU. The
|
|
|
|
|
* ordering isn't actually critical at the moment.
|
|
|
|
|
*/
|
|
|
|
|
static void
|
2010-10-19 21:08:37 +02:00
|
|
|
rewriteTargetListUD(Query *parsetree, RangeTblEntry *target_rte,
|
|
|
|
|
Relation target_relation)
|
2010-10-10 19:43:33 +02:00
|
|
|
{
|
2014-03-23 07:16:34 +01:00
|
|
|
Var *var = NULL;
|
2010-10-10 19:43:33 +02:00
|
|
|
const char *attrname;
|
|
|
|
|
TargetEntry *tle;
|
|
|
|
|
|
2013-03-04 01:23:31 +01:00
|
|
|
if (target_relation->rd_rel->relkind == RELKIND_RELATION ||
|
Implement table partitioning.
Table partitioning is like table inheritance and reuses much of the
existing infrastructure, but there are some important differences.
The parent is called a partitioned table and is always empty; it may
not have indexes or non-inherited constraints, since those make no
sense for a relation with no data of its own. The children are called
partitions and contain all of the actual data. Each partition has an
implicit partitioning constraint. Multiple inheritance is not
allowed, and partitioning and inheritance can't be mixed. Partitions
can't have extra columns and may not allow nulls unless the parent
does. Tuples inserted into the parent are automatically routed to the
correct partition, so tuple-routing ON INSERT triggers are not needed.
Tuple routing isn't yet supported for partitions which are foreign
tables, and it doesn't handle updates that cross partition boundaries.
Currently, tables can be range-partitioned or list-partitioned. List
partitioning is limited to a single column, but range partitioning can
involve multiple columns. A partitioning "column" can be an
expression.
Because table partitioning is less general than table inheritance, it
is hoped that it will be easier to reason about properties of
partitions, and therefore that this will serve as a better foundation
for a variety of possible optimizations, including query planner
optimizations. The tuple routing based which this patch does based on
the implicit partitioning constraints is an example of this, but it
seems likely that many other useful optimizations are also possible.
Amit Langote, reviewed and tested by Robert Haas, Ashutosh Bapat,
Amit Kapila, Rajkumar Raghuwanshi, Corey Huinker, Jaime Casanova,
Rushabh Lathia, Erik Rijkers, among others. Minor revisions by me.
2016-12-07 19:17:43 +01:00
|
|
|
target_relation->rd_rel->relkind == RELKIND_MATVIEW ||
|
|
|
|
|
target_relation->rd_rel->relkind == RELKIND_PARTITIONED_TABLE)
|
2010-10-10 19:43:33 +02:00
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* Emit CTID so that executor can find the row to update or delete.
|
|
|
|
|
*/
|
|
|
|
|
var = makeVar(parsetree->resultRelation,
|
|
|
|
|
SelfItemPointerAttributeNumber,
|
|
|
|
|
TIDOID,
|
|
|
|
|
-1,
|
2011-02-08 22:04:18 +01:00
|
|
|
InvalidOid,
|
2010-10-10 19:43:33 +02:00
|
|
|
0);
|
|
|
|
|
|
|
|
|
|
attrname = "ctid";
|
|
|
|
|
}
|
2013-03-10 19:14:53 +01:00
|
|
|
else if (target_relation->rd_rel->relkind == RELKIND_FOREIGN_TABLE)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* Let the foreign table's FDW add whatever junk TLEs it wants.
|
|
|
|
|
*/
|
|
|
|
|
FdwRoutine *fdwroutine;
|
|
|
|
|
|
|
|
|
|
fdwroutine = GetFdwRoutineForRelation(target_relation, false);
|
|
|
|
|
|
|
|
|
|
if (fdwroutine->AddForeignUpdateTargets != NULL)
|
|
|
|
|
fdwroutine->AddForeignUpdateTargets(parsetree, target_rte,
|
|
|
|
|
target_relation);
|
|
|
|
|
|
2014-03-23 07:16:34 +01:00
|
|
|
/*
|
|
|
|
|
* If we have a row-level trigger corresponding to the operation, emit
|
|
|
|
|
* a whole-row Var so that executor will have the "old" row to pass to
|
|
|
|
|
* the trigger. Alas, this misses system columns.
|
|
|
|
|
*/
|
|
|
|
|
if (target_relation->trigdesc &&
|
|
|
|
|
((parsetree->commandType == CMD_UPDATE &&
|
|
|
|
|
(target_relation->trigdesc->trig_update_after_row ||
|
|
|
|
|
target_relation->trigdesc->trig_update_before_row)) ||
|
|
|
|
|
(parsetree->commandType == CMD_DELETE &&
|
|
|
|
|
(target_relation->trigdesc->trig_delete_after_row ||
|
|
|
|
|
target_relation->trigdesc->trig_delete_before_row))))
|
|
|
|
|
{
|
|
|
|
|
var = makeWholeRowVar(target_rte,
|
|
|
|
|
parsetree->resultRelation,
|
|
|
|
|
0,
|
|
|
|
|
false);
|
|
|
|
|
|
|
|
|
|
attrname = "wholerow";
|
|
|
|
|
}
|
2013-03-10 19:14:53 +01:00
|
|
|
}
|
2010-10-10 19:43:33 +02:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/*
|
2011-04-10 17:42:00 +02:00
|
|
|
* Emit whole-row Var so that executor will have the "old" view row to
|
|
|
|
|
* pass to the INSTEAD OF trigger.
|
2010-10-10 19:43:33 +02:00
|
|
|
*/
|
2010-10-19 21:08:37 +02:00
|
|
|
var = makeWholeRowVar(target_rte,
|
|
|
|
|
parsetree->resultRelation,
|
2011-11-28 04:27:24 +01:00
|
|
|
0,
|
|
|
|
|
false);
|
2010-10-10 19:43:33 +02:00
|
|
|
|
|
|
|
|
attrname = "wholerow";
|
|
|
|
|
}
|
|
|
|
|
|
2014-03-23 07:16:34 +01:00
|
|
|
if (var != NULL)
|
|
|
|
|
{
|
|
|
|
|
tle = makeTargetEntry((Expr *) var,
|
|
|
|
|
list_length(parsetree->targetList) + 1,
|
|
|
|
|
pstrdup(attrname),
|
|
|
|
|
true);
|
2010-10-10 19:43:33 +02:00
|
|
|
|
2014-03-23 07:16:34 +01:00
|
|
|
parsetree->targetList = lappend(parsetree->targetList, tle);
|
|
|
|
|
}
|
2010-10-10 19:43:33 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
/*
|
2000-09-29 20:21:41 +02:00
|
|
|
* matchLocks -
|
|
|
|
|
* match the list of locks and returns the matching rules
|
1998-10-02 18:28:04 +02:00
|
|
|
*/
|
2000-09-29 20:21:41 +02:00
|
|
|
static List *
|
|
|
|
|
matchLocks(CmdType event,
|
|
|
|
|
RuleLock *rulelocks,
|
|
|
|
|
int varno,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
Query *parsetree,
|
|
|
|
|
bool *hasUpdate)
|
2000-04-12 19:17:23 +02:00
|
|
|
{
|
2002-10-19 21:00:47 +02:00
|
|
|
List *matching_locks = NIL;
|
2000-09-29 20:21:41 +02:00
|
|
|
int nlocks;
|
|
|
|
|
int i;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
if (rulelocks == NULL)
|
|
|
|
|
return NIL;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
if (parsetree->commandType != CMD_SELECT)
|
1999-10-01 06:08:24 +02:00
|
|
|
{
|
2000-09-29 20:21:41 +02:00
|
|
|
if (parsetree->resultRelation != varno)
|
|
|
|
|
return NIL;
|
1999-10-01 06:08:24 +02:00
|
|
|
}
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
nlocks = rulelocks->numLocks;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
for (i = 0; i < nlocks; i++)
|
1999-05-25 18:15:34 +02:00
|
|
|
{
|
2000-09-29 20:21:41 +02:00
|
|
|
RewriteRule *oneLock = rulelocks->rules[i];
|
1998-10-02 18:28:04 +02:00
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
if (oneLock->event == CMD_UPDATE)
|
|
|
|
|
*hasUpdate = true;
|
|
|
|
|
|
2007-03-20 00:38:32 +01:00
|
|
|
/*
|
2007-11-16 00:23:44 +01:00
|
|
|
* Suppress ON INSERT/UPDATE/DELETE rules that are disabled or
|
|
|
|
|
* configured to not fire during the current sessions replication
|
|
|
|
|
* role. ON SELECT rules will always be applied in order to keep views
|
|
|
|
|
* working even in LOCAL or REPLICA role.
|
2007-03-20 00:38:32 +01:00
|
|
|
*/
|
|
|
|
|
if (oneLock->event != CMD_SELECT)
|
|
|
|
|
{
|
|
|
|
|
if (SessionReplicationRole == SESSION_REPLICATION_ROLE_REPLICA)
|
|
|
|
|
{
|
|
|
|
|
if (oneLock->enabled == RULE_FIRES_ON_ORIGIN ||
|
|
|
|
|
oneLock->enabled == RULE_DISABLED)
|
|
|
|
|
continue;
|
|
|
|
|
}
|
2007-11-16 02:51:22 +01:00
|
|
|
else /* ORIGIN or LOCAL ROLE */
|
2007-03-20 00:38:32 +01:00
|
|
|
{
|
|
|
|
|
if (oneLock->enabled == RULE_FIRES_ON_REPLICA ||
|
|
|
|
|
oneLock->enabled == RULE_DISABLED)
|
|
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
if (oneLock->event == event)
|
1999-11-15 03:00:15 +01:00
|
|
|
{
|
2000-09-29 20:21:41 +02:00
|
|
|
if (parsetree->commandType != CMD_SELECT ||
|
2013-09-05 21:03:43 +02:00
|
|
|
rangeTableEntry_used((Node *) parsetree, varno, 0))
|
2002-10-19 21:00:47 +02:00
|
|
|
matching_locks = lappend(matching_locks, oneLock);
|
1999-11-15 03:00:15 +01:00
|
|
|
}
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
2000-09-29 20:21:41 +02:00
|
|
|
|
2002-10-19 21:00:47 +02:00
|
|
|
return matching_locks;
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
|
|
|
|
|
2000-04-12 19:17:23 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
|
|
|
|
* ApplyRetrieveRule - expand an ON SELECT rule
|
|
|
|
|
*/
|
2000-09-29 20:21:41 +02:00
|
|
|
static Query *
|
|
|
|
|
ApplyRetrieveRule(Query *parsetree,
|
|
|
|
|
RewriteRule *rule,
|
|
|
|
|
int rt_index,
|
|
|
|
|
Relation relation,
|
2009-10-28 18:36:50 +01:00
|
|
|
List *activeRIRs,
|
|
|
|
|
bool forUpdatePushedDown)
|
2000-09-29 20:21:41 +02:00
|
|
|
{
|
|
|
|
|
Query *rule_action;
|
|
|
|
|
RangeTblEntry *rte,
|
|
|
|
|
*subrte;
|
2006-04-30 20:30:40 +02:00
|
|
|
RowMarkClause *rc;
|
2000-04-12 19:17:23 +02:00
|
|
|
|
2004-05-31 01:40:41 +02:00
|
|
|
if (list_length(rule->actions) != 1)
|
2003-07-25 02:01:09 +02:00
|
|
|
elog(ERROR, "expected just one rule action");
|
2000-09-29 20:21:41 +02:00
|
|
|
if (rule->qual != NULL)
|
2003-07-25 02:01:09 +02:00
|
|
|
elog(ERROR, "cannot handle qualified ON SELECT rule");
|
2000-04-12 19:17:23 +02:00
|
|
|
|
2010-10-10 19:43:33 +02:00
|
|
|
if (rt_index == parsetree->resultRelation)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* We have a view as the result relation of the query, and it wasn't
|
|
|
|
|
* rewritten by any rule. This case is supported if there is an
|
|
|
|
|
* INSTEAD OF trigger that will trap attempts to insert/update/delete
|
|
|
|
|
* view rows. The executor will check that; for the moment just plow
|
|
|
|
|
* ahead. We have two cases:
|
|
|
|
|
*
|
|
|
|
|
* For INSERT, we needn't do anything. The unmodified RTE will serve
|
|
|
|
|
* fine as the result relation.
|
|
|
|
|
*
|
|
|
|
|
* For UPDATE/DELETE, we need to expand the view so as to have source
|
2014-05-06 18:12:18 +02:00
|
|
|
* data for the operation. But we also need an unmodified RTE to
|
2010-10-10 19:43:33 +02:00
|
|
|
* serve as the target. So, copy the RTE and add the copy to the
|
2014-05-06 18:12:18 +02:00
|
|
|
* rangetable. Note that the copy does not get added to the jointree.
|
2011-04-10 17:42:00 +02:00
|
|
|
* Also note that there's a hack in fireRIRrules to avoid calling this
|
|
|
|
|
* function again when it arrives at the copied RTE.
|
2010-10-10 19:43:33 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType == CMD_INSERT)
|
|
|
|
|
return parsetree;
|
|
|
|
|
else if (parsetree->commandType == CMD_UPDATE ||
|
|
|
|
|
parsetree->commandType == CMD_DELETE)
|
|
|
|
|
{
|
|
|
|
|
RangeTblEntry *newrte;
|
|
|
|
|
|
|
|
|
|
rte = rt_fetch(rt_index, parsetree->rtable);
|
|
|
|
|
newrte = copyObject(rte);
|
|
|
|
|
parsetree->rtable = lappend(parsetree->rtable, newrte);
|
|
|
|
|
parsetree->resultRelation = list_length(parsetree->rtable);
|
|
|
|
|
|
|
|
|
|
/*
|
2011-04-10 17:42:00 +02:00
|
|
|
* There's no need to do permissions checks twice, so wipe out the
|
|
|
|
|
* permissions info for the original RTE (we prefer to keep the
|
|
|
|
|
* bits set on the result RTE).
|
2010-10-10 19:43:33 +02:00
|
|
|
*/
|
|
|
|
|
rte->requiredPerms = 0;
|
|
|
|
|
rte->checkAsUser = InvalidOid;
|
|
|
|
|
rte->selectedCols = NULL;
|
2015-05-08 00:20:46 +02:00
|
|
|
rte->insertedCols = NULL;
|
|
|
|
|
rte->updatedCols = NULL;
|
2010-10-10 19:43:33 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For the most part, Vars referencing the view should remain as
|
|
|
|
|
* they are, meaning that they implicitly represent OLD values.
|
|
|
|
|
* But in the RETURNING list if any, we want such Vars to
|
|
|
|
|
* represent NEW values, so change them to reference the new RTE.
|
|
|
|
|
*
|
|
|
|
|
* Since ChangeVarNodes scribbles on the tree in-place, copy the
|
|
|
|
|
* RETURNING list first for safety.
|
|
|
|
|
*/
|
|
|
|
|
parsetree->returningList = copyObject(parsetree->returningList);
|
|
|
|
|
ChangeVarNodes((Node *) parsetree->returningList, rt_index,
|
|
|
|
|
parsetree->resultRelation, 0);
|
|
|
|
|
|
|
|
|
|
/* Now, continue with expanding the original view RTE */
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
elog(ERROR, "unrecognized commandType: %d",
|
|
|
|
|
(int) parsetree->commandType);
|
|
|
|
|
}
|
|
|
|
|
|
2009-10-28 18:36:50 +01:00
|
|
|
/*
|
2013-05-29 22:58:43 +02:00
|
|
|
* If FOR [KEY] UPDATE/SHARE of view, be sure we get right initial lock on
|
|
|
|
|
* the relations it references.
|
2009-10-28 18:36:50 +01:00
|
|
|
*/
|
|
|
|
|
rc = get_parse_rowmark(parsetree, rt_index);
|
|
|
|
|
forUpdatePushedDown |= (rc != NULL);
|
|
|
|
|
|
1999-10-02 06:42:04 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Make a modifiable copy of the view query, and acquire needed locks on
|
|
|
|
|
* the relations it mentions.
|
1999-10-02 06:42:04 +02:00
|
|
|
*/
|
2004-05-26 06:41:50 +02:00
|
|
|
rule_action = copyObject(linitial(rule->actions));
|
1998-10-02 18:28:04 +02:00
|
|
|
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
AcquireRewriteLocks(rule_action, true, forUpdatePushedDown);
|
2005-06-04 01:05:30 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Recursively expand any view references inside the view.
|
|
|
|
|
*/
|
2009-10-28 18:36:50 +01:00
|
|
|
rule_action = fireRIRrules(rule_action, activeRIRs, forUpdatePushedDown);
|
1999-11-15 03:00:15 +01:00
|
|
|
|
2000-04-12 19:17:23 +02:00
|
|
|
/*
|
2010-10-10 19:43:33 +02:00
|
|
|
* Now, plug the view query in as a subselect, replacing the relation's
|
|
|
|
|
* original RTE.
|
1999-10-01 06:08:24 +02:00
|
|
|
*/
|
2000-09-29 20:21:41 +02:00
|
|
|
rte = rt_fetch(rt_index, parsetree->rtable);
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2002-03-12 01:52:10 +01:00
|
|
|
rte->rtekind = RTE_SUBQUERY;
|
2000-09-29 20:21:41 +02:00
|
|
|
rte->relid = InvalidOid;
|
2011-12-22 22:15:57 +01:00
|
|
|
rte->security_barrier = RelationIsSecurityView(relation);
|
2000-09-29 20:21:41 +02:00
|
|
|
rte->subquery = rule_action;
|
|
|
|
|
rte->inh = false; /* must not be set for a subquery */
|
2000-04-12 19:17:23 +02:00
|
|
|
|
1999-11-15 03:00:15 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* We move the view's permission check data down to its rangetable. The
|
2009-11-06 00:24:27 +01:00
|
|
|
* checks will actually be done against the OLD entry therein.
|
1999-10-01 06:08:24 +02:00
|
|
|
*/
|
2000-09-29 20:21:41 +02:00
|
|
|
subrte = rt_fetch(PRS2_OLD_VARNO, rule_action->rtable);
|
|
|
|
|
Assert(subrte->relid == relation->rd_id);
|
2004-01-15 00:01:55 +01:00
|
|
|
subrte->requiredPerms = rte->requiredPerms;
|
2001-05-03 19:47:49 +02:00
|
|
|
subrte->checkAsUser = rte->checkAsUser;
|
2009-01-22 21:16:10 +01:00
|
|
|
subrte->selectedCols = rte->selectedCols;
|
2015-05-08 00:20:46 +02:00
|
|
|
subrte->insertedCols = rte->insertedCols;
|
|
|
|
|
subrte->updatedCols = rte->updatedCols;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2004-01-15 00:01:55 +01:00
|
|
|
rte->requiredPerms = 0; /* no permission check on subquery itself */
|
2005-06-28 07:09:14 +02:00
|
|
|
rte->checkAsUser = InvalidOid;
|
2009-01-22 21:16:10 +01:00
|
|
|
rte->selectedCols = NULL;
|
2015-05-08 00:20:46 +02:00
|
|
|
rte->insertedCols = NULL;
|
|
|
|
|
rte->updatedCols = NULL;
|
2000-04-12 19:17:23 +02:00
|
|
|
|
1999-10-01 06:08:24 +02:00
|
|
|
/*
|
2013-05-29 22:58:43 +02:00
|
|
|
* If FOR [KEY] UPDATE/SHARE of view, mark all the contained tables as
|
|
|
|
|
* implicit FOR [KEY] UPDATE/SHARE, the same as the parser would have done
|
|
|
|
|
* if the view's subquery had been written out explicitly.
|
2009-10-28 18:36:50 +01:00
|
|
|
*
|
|
|
|
|
* Note: we don't consider forUpdatePushedDown here; such marks will be
|
|
|
|
|
* made by recursing from the upper level in markQueryForLocking.
|
1999-10-01 06:08:24 +02:00
|
|
|
*/
|
2009-10-28 18:36:50 +01:00
|
|
|
if (rc != NULL)
|
2007-03-01 19:50:28 +01:00
|
|
|
markQueryForLocking(rule_action, (Node *) rule_action->jointree,
|
2014-10-07 22:23:34 +02:00
|
|
|
rc->strength, rc->waitPolicy, true);
|
1999-01-21 17:08:55 +01:00
|
|
|
|
1999-10-01 06:08:24 +02:00
|
|
|
return parsetree;
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
|
|
|
|
|
2000-12-07 02:22:25 +01:00
|
|
|
/*
|
Improve concurrency of foreign key locking
This patch introduces two additional lock modes for tuples: "SELECT FOR
KEY SHARE" and "SELECT FOR NO KEY UPDATE". These don't block each
other, in contrast with already existing "SELECT FOR SHARE" and "SELECT
FOR UPDATE". UPDATE commands that do not modify the values stored in
the columns that are part of the key of the tuple now grab a SELECT FOR
NO KEY UPDATE lock on the tuple, allowing them to proceed concurrently
with tuple locks of the FOR KEY SHARE variety.
Foreign key triggers now use FOR KEY SHARE instead of FOR SHARE; this
means the concurrency improvement applies to them, which is the whole
point of this patch.
The added tuple lock semantics require some rejiggering of the multixact
module, so that the locking level that each transaction is holding can
be stored alongside its Xid. Also, multixacts now need to persist
across server restarts and crashes, because they can now represent not
only tuple locks, but also tuple updates. This means we need more
careful tracking of lifetime of pg_multixact SLRU files; since they now
persist longer, we require more infrastructure to figure out when they
can be removed. pg_upgrade also needs to be careful to copy
pg_multixact files over from the old server to the new, or at least part
of multixact.c state, depending on the versions of the old and new
servers.
Tuple time qualification rules (HeapTupleSatisfies routines) need to be
careful not to consider tuples with the "is multi" infomask bit set as
being only locked; they might need to look up MultiXact values (i.e.
possibly do pg_multixact I/O) to find out the Xid that updated a tuple,
whereas they previously were assured to only use information readily
available from the tuple header. This is considered acceptable, because
the extra I/O would involve cases that would previously cause some
commands to block waiting for concurrent transactions to finish.
Another important change is the fact that locking tuples that have
previously been updated causes the future versions to be marked as
locked, too; this is essential for correctness of foreign key checks.
This causes additional WAL-logging, also (there was previously a single
WAL record for a locked tuple; now there are as many as updated copies
of the tuple there exist.)
With all this in place, contention related to tuples being checked by
foreign key rules should be much reduced.
As a bonus, the old behavior that a subtransaction grabbing a stronger
tuple lock than the parent (sub)transaction held on a given tuple and
later aborting caused the weaker lock to be lost, has been fixed.
Many new spec files were added for isolation tester framework, to ensure
overall behavior is sane. There's probably room for several more tests.
There were several reviewers of this patch; in particular, Noah Misch
and Andres Freund spent considerable time in it. Original idea for the
patch came from Simon Riggs, after a problem report by Joel Jacobson.
Most code is from me, with contributions from Marti Raudsepp, Alexander
Shulgin, Noah Misch and Andres Freund.
This patch was discussed in several pgsql-hackers threads; the most
important start at the following message-ids:
AANLkTimo9XVcEzfiBR-ut3KVNDkjm2Vxh+t8kAmWjPuv@mail.gmail.com
1290721684-sup-3951@alvh.no-ip.org
1294953201-sup-2099@alvh.no-ip.org
1320343602-sup-2290@alvh.no-ip.org
1339690386-sup-8927@alvh.no-ip.org
4FE5FF020200002500048A3D@gw.wicourts.gov
4FEAB90A0200002500048B7D@gw.wicourts.gov
2013-01-23 16:04:59 +01:00
|
|
|
* Recursively mark all relations used by a view as FOR [KEY] UPDATE/SHARE.
|
2000-12-07 02:22:25 +01:00
|
|
|
*
|
|
|
|
|
* This may generate an invalid query, eg if some sub-query uses an
|
|
|
|
|
* aggregate. We leave it to the planner to detect that.
|
|
|
|
|
*
|
2007-03-01 19:50:28 +01:00
|
|
|
* NB: this must agree with the parser's transformLockingClause() routine.
|
|
|
|
|
* However, unlike the parser we have to be careful not to mark a view's
|
|
|
|
|
* OLD and NEW rels for updating. The best way to handle that seems to be
|
|
|
|
|
* to scan the jointree to determine which rels are used.
|
2000-12-07 02:22:25 +01:00
|
|
|
*/
|
|
|
|
|
static void
|
2009-10-28 15:55:47 +01:00
|
|
|
markQueryForLocking(Query *qry, Node *jtnode,
|
2014-10-07 22:23:34 +02:00
|
|
|
LockClauseStrength strength, LockWaitPolicy waitPolicy,
|
|
|
|
|
bool pushedDown)
|
2000-12-07 02:22:25 +01:00
|
|
|
{
|
2007-03-01 19:50:28 +01:00
|
|
|
if (jtnode == NULL)
|
|
|
|
|
return;
|
|
|
|
|
if (IsA(jtnode, RangeTblRef))
|
2000-12-07 02:22:25 +01:00
|
|
|
{
|
2007-03-01 19:50:28 +01:00
|
|
|
int rti = ((RangeTblRef *) jtnode)->rtindex;
|
|
|
|
|
RangeTblEntry *rte = rt_fetch(rti, qry->rtable);
|
2000-12-07 02:22:25 +01:00
|
|
|
|
2002-03-12 01:52:10 +01:00
|
|
|
if (rte->rtekind == RTE_RELATION)
|
2000-12-07 02:22:25 +01:00
|
|
|
{
|
2014-10-07 22:23:34 +02:00
|
|
|
applyLockingClause(qry, rti, strength, waitPolicy, pushedDown);
|
2013-03-10 19:14:53 +01:00
|
|
|
rte->requiredPerms |= ACL_SELECT_FOR_UPDATE;
|
2000-12-07 02:22:25 +01:00
|
|
|
}
|
2002-03-12 01:52:10 +01:00
|
|
|
else if (rte->rtekind == RTE_SUBQUERY)
|
|
|
|
|
{
|
2014-10-07 22:23:34 +02:00
|
|
|
applyLockingClause(qry, rti, strength, waitPolicy, pushedDown);
|
2013-03-10 19:14:53 +01:00
|
|
|
/* FOR UPDATE/SHARE of subquery is propagated to subquery's rels */
|
2007-03-01 19:50:28 +01:00
|
|
|
markQueryForLocking(rte->subquery, (Node *) rte->subquery->jointree,
|
2014-10-07 22:23:34 +02:00
|
|
|
strength, waitPolicy, true);
|
2002-03-12 01:52:10 +01:00
|
|
|
}
|
2009-10-27 18:11:18 +01:00
|
|
|
/* other RTE types are unaffected by FOR UPDATE */
|
2000-12-07 02:22:25 +01:00
|
|
|
}
|
2007-03-01 19:50:28 +01:00
|
|
|
else if (IsA(jtnode, FromExpr))
|
|
|
|
|
{
|
|
|
|
|
FromExpr *f = (FromExpr *) jtnode;
|
|
|
|
|
ListCell *l;
|
|
|
|
|
|
|
|
|
|
foreach(l, f->fromlist)
|
2014-10-07 22:23:34 +02:00
|
|
|
markQueryForLocking(qry, lfirst(l), strength, waitPolicy, pushedDown);
|
2007-03-01 19:50:28 +01:00
|
|
|
}
|
|
|
|
|
else if (IsA(jtnode, JoinExpr))
|
|
|
|
|
{
|
|
|
|
|
JoinExpr *j = (JoinExpr *) jtnode;
|
|
|
|
|
|
2014-10-07 22:23:34 +02:00
|
|
|
markQueryForLocking(qry, j->larg, strength, waitPolicy, pushedDown);
|
|
|
|
|
markQueryForLocking(qry, j->rarg, strength, waitPolicy, pushedDown);
|
2007-03-01 19:50:28 +01:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
elog(ERROR, "unrecognized node type: %d",
|
|
|
|
|
(int) nodeTag(jtnode));
|
2000-12-07 02:22:25 +01:00
|
|
|
}
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
|
1999-10-01 06:08:24 +02:00
|
|
|
/*
|
2000-09-29 20:21:41 +02:00
|
|
|
* fireRIRonSubLink -
|
|
|
|
|
* Apply fireRIRrules() to each SubLink (subselect in expression) found
|
|
|
|
|
* in the given tree.
|
1999-10-01 06:08:24 +02:00
|
|
|
*
|
|
|
|
|
* NOTE: although this has the form of a walker, we cheat and modify the
|
2014-05-06 18:12:18 +02:00
|
|
|
* SubLink nodes in-place. It is caller's responsibility to ensure that
|
1999-10-01 06:08:24 +02:00
|
|
|
* no unwanted side-effects occur!
|
2000-09-12 23:07:18 +02:00
|
|
|
*
|
|
|
|
|
* This is unlike most of the other routines that recurse into subselects,
|
|
|
|
|
* because we must take control at the SubLink node in order to replace
|
|
|
|
|
* the SubLink's subselect link with the possibly-rewritten subquery.
|
1999-10-01 06:08:24 +02:00
|
|
|
*/
|
|
|
|
|
static bool
|
2003-02-26 00:47:43 +01:00
|
|
|
fireRIRonSubLink(Node *node, List *activeRIRs)
|
1998-10-02 18:28:04 +02:00
|
|
|
{
|
|
|
|
|
if (node == NULL)
|
1999-10-01 06:08:24 +02:00
|
|
|
return false;
|
|
|
|
|
if (IsA(node, SubLink))
|
1999-05-25 18:15:34 +02:00
|
|
|
{
|
1999-10-01 06:08:24 +02:00
|
|
|
SubLink *sub = (SubLink *) node;
|
|
|
|
|
|
|
|
|
|
/* Do what we came for */
|
2003-02-26 00:47:43 +01:00
|
|
|
sub->subselect = (Node *) fireRIRrules((Query *) sub->subselect,
|
2009-10-28 18:36:50 +01:00
|
|
|
activeRIRs, false);
|
2000-09-12 23:07:18 +02:00
|
|
|
/* Fall through to process lefthand args of SubLink */
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
2001-03-22 05:01:46 +01:00
|
|
|
|
2000-09-12 23:07:18 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Do NOT recurse into Query nodes, because fireRIRrules already processed
|
|
|
|
|
* subselects of subselects for us.
|
2000-09-12 23:07:18 +02:00
|
|
|
*/
|
2000-09-29 20:21:41 +02:00
|
|
|
return expression_tree_walker(node, fireRIRonSubLink,
|
2003-02-26 00:47:43 +01:00
|
|
|
(void *) activeRIRs);
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* fireRIRrules -
|
|
|
|
|
* Apply all RIR rules on each rangetable entry in a query
|
|
|
|
|
*/
|
|
|
|
|
static Query *
|
2009-10-28 18:36:50 +01:00
|
|
|
fireRIRrules(Query *parsetree, List *activeRIRs, bool forUpdatePushedDown)
|
1998-10-02 18:28:04 +02:00
|
|
|
{
|
2010-10-10 19:43:33 +02:00
|
|
|
int origResultRelation = parsetree->resultRelation;
|
1999-05-25 18:15:34 +02:00
|
|
|
int rt_index;
|
2008-10-04 23:56:55 +02:00
|
|
|
ListCell *lc;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2000-04-12 19:17:23 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* don't try to convert this into a foreach loop, because rtable list can
|
|
|
|
|
* get changed each time through...
|
1999-10-07 06:23:24 +02:00
|
|
|
*/
|
1998-10-02 18:28:04 +02:00
|
|
|
rt_index = 0;
|
2004-05-31 01:40:41 +02:00
|
|
|
while (rt_index < list_length(parsetree->rtable))
|
1999-05-25 18:15:34 +02:00
|
|
|
{
|
2000-11-08 23:10:03 +01:00
|
|
|
RangeTblEntry *rte;
|
|
|
|
|
Relation rel;
|
|
|
|
|
List *locks;
|
|
|
|
|
RuleLock *rules;
|
|
|
|
|
RewriteRule *rule;
|
|
|
|
|
int i;
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
++rt_index;
|
|
|
|
|
|
1999-11-01 06:18:31 +01:00
|
|
|
rte = rt_fetch(rt_index, parsetree->rtable);
|
1999-05-25 15:16:10 +02:00
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* A subquery RTE can't have associated rules, so there's nothing to
|
|
|
|
|
* do to this level of the query, but we must recurse into the
|
2000-09-29 20:21:41 +02:00
|
|
|
* subquery to expand any rule references in it.
|
|
|
|
|
*/
|
2002-03-12 01:52:10 +01:00
|
|
|
if (rte->rtekind == RTE_SUBQUERY)
|
2000-09-29 20:21:41 +02:00
|
|
|
{
|
2009-10-28 18:36:50 +01:00
|
|
|
rte->subquery = fireRIRrules(rte->subquery, activeRIRs,
|
|
|
|
|
(forUpdatePushedDown ||
|
2010-02-26 03:01:40 +01:00
|
|
|
get_parse_rowmark(parsetree, rt_index) != NULL));
|
2000-09-29 20:21:41 +02:00
|
|
|
continue;
|
|
|
|
|
}
|
|
|
|
|
|
2002-03-12 01:52:10 +01:00
|
|
|
/*
|
|
|
|
|
* Joins and other non-relation RTEs can be ignored completely.
|
|
|
|
|
*/
|
|
|
|
|
if (rte->rtekind != RTE_RELATION)
|
|
|
|
|
continue;
|
|
|
|
|
|
2013-04-27 23:48:57 +02:00
|
|
|
/*
|
|
|
|
|
* Always ignore RIR rules for materialized views referenced in
|
|
|
|
|
* queries. (This does not prevent refreshing MVs, since they aren't
|
|
|
|
|
* referenced in their own query definitions.)
|
|
|
|
|
*
|
|
|
|
|
* Note: in the future we might want to allow MVs to be conditionally
|
|
|
|
|
* expanded as if they were regular views, if they are not scannable.
|
|
|
|
|
* In that case this test would need to be postponed till after we've
|
|
|
|
|
* opened the rel, so that we could check its state.
|
|
|
|
|
*/
|
|
|
|
|
if (rte->relkind == RELKIND_MATVIEW)
|
|
|
|
|
continue;
|
|
|
|
|
|
1999-10-07 06:23:24 +02:00
|
|
|
/*
|
2000-04-20 02:31:49 +02:00
|
|
|
* If the table is not referenced in the query, then we ignore it.
|
|
|
|
|
* This prevents infinite expansion loop due to new rtable entries
|
|
|
|
|
* inserted by expansion of a rule. A table is referenced if it is
|
2005-10-15 04:49:52 +02:00
|
|
|
* part of the join set (a source table), or is referenced by any Var
|
|
|
|
|
* nodes, or is the result table.
|
1999-10-07 06:23:24 +02:00
|
|
|
*/
|
2005-05-29 20:34:57 +02:00
|
|
|
if (rt_index != parsetree->resultRelation &&
|
|
|
|
|
!rangeTableEntry_used((Node *) parsetree, rt_index, 0))
|
1998-10-02 18:28:04 +02:00
|
|
|
continue;
|
1999-05-25 18:15:34 +02:00
|
|
|
|
2010-10-10 19:43:33 +02:00
|
|
|
/*
|
|
|
|
|
* Also, if this is a new result relation introduced by
|
|
|
|
|
* ApplyRetrieveRule, we don't want to do anything more with it.
|
|
|
|
|
*/
|
|
|
|
|
if (rt_index == parsetree->resultRelation &&
|
|
|
|
|
rt_index != origResultRelation)
|
|
|
|
|
continue;
|
|
|
|
|
|
2000-11-08 23:10:03 +01:00
|
|
|
/*
|
2005-06-04 01:05:30 +02:00
|
|
|
* We can use NoLock here since either the parser or
|
|
|
|
|
* AcquireRewriteLocks should have locked the rel already.
|
2000-11-08 23:10:03 +01:00
|
|
|
*/
|
2005-06-04 01:05:30 +02:00
|
|
|
rel = heap_open(rte->relid, NoLock);
|
2001-04-17 02:32:58 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Collect the RIR rules that we must apply
|
|
|
|
|
*/
|
1999-10-07 06:23:24 +02:00
|
|
|
rules = rel->rd_rules;
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
if (rules != NULL)
|
1999-05-25 18:15:34 +02:00
|
|
|
{
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
locks = NIL;
|
|
|
|
|
for (i = 0; i < rules->numLocks; i++)
|
|
|
|
|
{
|
|
|
|
|
rule = rules->rules[i];
|
|
|
|
|
if (rule->event != CMD_SELECT)
|
|
|
|
|
continue;
|
1999-05-25 18:15:34 +02:00
|
|
|
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
locks = lappend(locks, rule);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If we found any, apply them --- but first check for recursion!
|
|
|
|
|
*/
|
|
|
|
|
if (locks != NIL)
|
|
|
|
|
{
|
|
|
|
|
ListCell *l;
|
|
|
|
|
|
|
|
|
|
if (list_member_oid(activeRIRs, RelationGetRelid(rel)))
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
|
|
|
|
|
errmsg("infinite recursion detected in rules for relation \"%s\"",
|
|
|
|
|
RelationGetRelationName(rel))));
|
|
|
|
|
activeRIRs = lcons_oid(RelationGetRelid(rel), activeRIRs);
|
|
|
|
|
|
|
|
|
|
foreach(l, locks)
|
|
|
|
|
{
|
|
|
|
|
rule = lfirst(l);
|
|
|
|
|
|
|
|
|
|
parsetree = ApplyRetrieveRule(parsetree,
|
|
|
|
|
rule,
|
|
|
|
|
rt_index,
|
|
|
|
|
rel,
|
|
|
|
|
activeRIRs,
|
|
|
|
|
forUpdatePushedDown);
|
|
|
|
|
}
|
1998-10-02 18:28:04 +02:00
|
|
|
|
Row-Level Security Policies (RLS)
Building on the updatable security-barrier views work, add the
ability to define policies on tables to limit the set of rows
which are returned from a query and which are allowed to be added
to a table. Expressions defined by the policy for filtering are
added to the security barrier quals of the query, while expressions
defined to check records being added to a table are added to the
with-check options of the query.
New top-level commands are CREATE/ALTER/DROP POLICY and are
controlled by the table owner. Row Security is able to be enabled
and disabled by the owner on a per-table basis using
ALTER TABLE .. ENABLE/DISABLE ROW SECURITY.
Per discussion, ROW SECURITY is disabled on tables by default and
must be enabled for policies on the table to be used. If no
policies exist on a table with ROW SECURITY enabled, a default-deny
policy is used and no records will be visible.
By default, row security is applied at all times except for the
table owner and the superuser. A new GUC, row_security, is added
which can be set to ON, OFF, or FORCE. When set to FORCE, row
security will be applied even for the table owner and superusers.
When set to OFF, row security will be disabled when allowed and an
error will be thrown if the user does not have rights to bypass row
security.
Per discussion, pg_dump sets row_security = OFF by default to ensure
that exports and backups will have all data in the table or will
error if there are insufficient privileges to bypass row security.
A new option has been added to pg_dump, --enable-row-security, to
ask pg_dump to export with row security enabled.
A new role capability, BYPASSRLS, which can only be set by the
superuser, is added to allow other users to be able to bypass row
security using row_security = OFF.
Many thanks to the various individuals who have helped with the
design, particularly Robert Haas for his feedback.
Authors include Craig Ringer, KaiGai Kohei, Adam Brightwell, Dean
Rasheed, with additional changes and rework by me.
Reviewers have included all of the above, Greg Smith,
Jeff McCormick, and Robert Haas.
2014-09-19 17:18:35 +02:00
|
|
|
activeRIRs = list_delete_first(activeRIRs);
|
|
|
|
|
}
|
|
|
|
|
}
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2000-11-08 23:10:03 +01:00
|
|
|
heap_close(rel, NoLock);
|
1998-10-02 18:28:04 +02:00
|
|
|
}
|
|
|
|
|
|
2008-10-04 23:56:55 +02:00
|
|
|
/* Recurse into subqueries in WITH */
|
|
|
|
|
foreach(lc, parsetree->cteList)
|
|
|
|
|
{
|
|
|
|
|
CommonTableExpr *cte = (CommonTableExpr *) lfirst(lc);
|
|
|
|
|
|
|
|
|
|
cte->ctequery = (Node *)
|
2009-10-28 18:36:50 +01:00
|
|
|
fireRIRrules((Query *) cte->ctequery, activeRIRs, false);
|
2008-10-04 23:56:55 +02:00
|
|
|
}
|
|
|
|
|
|
2000-09-29 20:21:41 +02:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* Recurse into sublink subqueries, too. But we already did the ones in
|
2008-10-04 23:56:55 +02:00
|
|
|
* the rtable and cteList.
|
2000-09-29 20:21:41 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->hasSubLinks)
|
2003-02-26 00:47:43 +01:00
|
|
|
query_tree_walker(parsetree, fireRIRonSubLink, (void *) activeRIRs,
|
2008-10-04 23:56:55 +02:00
|
|
|
QTW_IGNORE_RC_SUBQUERIES);
|
1998-10-02 18:28:04 +02:00
|
|
|
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
/*
|
|
|
|
|
* Apply any row level security policies. We do this last because it
|
|
|
|
|
* requires special recursion detection if the new quals have sublink
|
2015-05-24 03:35:49 +02:00
|
|
|
* subqueries, and if we did it in the loop above query_tree_walker would
|
|
|
|
|
* then recurse into those quals a second time.
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
*/
|
|
|
|
|
rt_index = 0;
|
|
|
|
|
foreach(lc, parsetree->rtable)
|
|
|
|
|
{
|
|
|
|
|
RangeTblEntry *rte = (RangeTblEntry *) lfirst(lc);
|
|
|
|
|
Relation rel;
|
|
|
|
|
List *securityQuals;
|
|
|
|
|
List *withCheckOptions;
|
|
|
|
|
bool hasRowSecurity;
|
|
|
|
|
bool hasSubLinks;
|
|
|
|
|
|
|
|
|
|
++rt_index;
|
|
|
|
|
|
|
|
|
|
/* Only normal relations can have RLS policies */
|
|
|
|
|
if (rte->rtekind != RTE_RELATION ||
|
|
|
|
|
rte->relkind != RELKIND_RELATION)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
rel = heap_open(rte->relid, NoLock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Fetch any new security quals that must be applied to this RTE.
|
|
|
|
|
*/
|
2015-09-15 21:49:31 +02:00
|
|
|
get_row_security_policies(parsetree, rte, rt_index,
|
|
|
|
|
&securityQuals, &withCheckOptions,
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
&hasRowSecurity, &hasSubLinks);
|
|
|
|
|
|
|
|
|
|
if (securityQuals != NIL || withCheckOptions != NIL)
|
|
|
|
|
{
|
|
|
|
|
if (hasSubLinks)
|
|
|
|
|
{
|
2015-08-28 17:39:37 +02:00
|
|
|
acquireLocksOnSubLinks_context context;
|
|
|
|
|
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
/*
|
|
|
|
|
* Recursively process the new quals, checking for infinite
|
|
|
|
|
* recursion.
|
|
|
|
|
*/
|
|
|
|
|
if (list_member_oid(activeRIRs, RelationGetRelid(rel)))
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
|
|
|
|
|
errmsg("infinite recursion detected in policy for relation \"%s\"",
|
|
|
|
|
RelationGetRelationName(rel))));
|
|
|
|
|
|
|
|
|
|
activeRIRs = lcons_oid(RelationGetRelid(rel), activeRIRs);
|
|
|
|
|
|
2015-08-28 17:39:37 +02:00
|
|
|
/*
|
|
|
|
|
* get_row_security_policies just passed back securityQuals
|
|
|
|
|
* and/or withCheckOptions, and there were SubLinks, make sure
|
|
|
|
|
* we lock any relations which are referenced.
|
|
|
|
|
*
|
|
|
|
|
* These locks would normally be acquired by the parser, but
|
|
|
|
|
* securityQuals and withCheckOptions are added post-parsing.
|
|
|
|
|
*/
|
|
|
|
|
context.for_execute = true;
|
|
|
|
|
(void) acquireLocksOnSubLinks((Node *) securityQuals, &context);
|
|
|
|
|
(void) acquireLocksOnSubLinks((Node *) withCheckOptions,
|
|
|
|
|
&context);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Now that we have the locks on anything added by
|
|
|
|
|
* get_row_security_policies, fire any RIR rules for them.
|
|
|
|
|
*/
|
2015-05-24 03:35:49 +02:00
|
|
|
expression_tree_walker((Node *) securityQuals,
|
|
|
|
|
fireRIRonSubLink, (void *) activeRIRs);
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
|
2015-05-24 03:35:49 +02:00
|
|
|
expression_tree_walker((Node *) withCheckOptions,
|
|
|
|
|
fireRIRonSubLink, (void *) activeRIRs);
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
|
|
|
|
|
activeRIRs = list_delete_first(activeRIRs);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
2016-11-10 22:16:33 +01:00
|
|
|
* Add the new security barrier quals to the start of the RTE's
|
|
|
|
|
* list so that they get applied before any existing barrier quals
|
|
|
|
|
* (which would have come from a security-barrier view, and should
|
|
|
|
|
* get lower priority than RLS conditions on the table itself).
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
*/
|
|
|
|
|
rte->securityQuals = list_concat(securityQuals,
|
|
|
|
|
rte->securityQuals);
|
|
|
|
|
|
|
|
|
|
parsetree->withCheckOptions = list_concat(withCheckOptions,
|
2015-05-24 03:35:49 +02:00
|
|
|
parsetree->withCheckOptions);
|
RLS fixes, new hooks, and new test module
In prepend_row_security_policies(), defaultDeny was always true, so if
there were any hook policies, the RLS policies on the table would just
get discarded. Fixed to start off with defaultDeny as false and then
properly set later if we detect that only the default deny policy exists
for the internal policies.
The infinite recursion detection in fireRIRrules() didn't properly
manage the activeRIRs list in the case of WCOs, so it would incorrectly
report infinite recusion if the same relation with RLS appeared more
than once in the rtable, for example "UPDATE t ... FROM t ...".
Further, the RLS expansion code in fireRIRrules() was handling RLS in
the main loop through the rtable, which lead to RTEs being visited twice
if they contained sublink subqueries, which
prepend_row_security_policies() attempted to handle by exiting early if
the RTE already had securityQuals. That doesn't work, however, since
if the query involved a security barrier view on top of a table with
RLS, the RTE would already have securityQuals (from the view) by the
time fireRIRrules() was invoked, and so the table's RLS policies would
be ignored. This is fixed in fireRIRrules() by handling RLS in a
separate loop at the end, after dealing with any other sublink
subqueries, thus ensuring that each RTE is only visited once for RLS
expansion.
The inheritance planner code didn't correctly handle non-target
relations with RLS, which would get turned into subqueries during
planning. Thus an update of the form "UPDATE t1 ... FROM t2 ..." where
t1 has inheritance and t2 has RLS quals would fail. Fix by making sure
to copy in and update the securityQuals when they exist for non-target
relations.
process_policies() was adding WCOs to non-target relations, which is
unnecessary, and could lead to a lot of wasted time in the rewriter and
the planner. Fix by only adding WCO policies when working on the result
relation. Also in process_policies, we should be copying the USING
policies to the WITH CHECK policies on a per-policy basis, fix by moving
the copying up into the per-policy loop.
Lastly, as noted by Dean, we were simply adding policies returned by the
hook provided to the list of quals being AND'd, meaning that they would
actually restrict records returned and there was no option to have
internal policies and hook-based policies work together permissively (as
all internal policies currently work). Instead, explicitly add support
for both permissive and restrictive policies by having a hook for each
and combining the results appropriately. To ensure this is all done
correctly, add a new test module (test_rls_hooks) to test the various
combinations of internal, permissive, and restrictive hook policies.
Largely from Dean Rasheed (thanks!):
CAEZATCVmFUfUOwwhnBTcgi6AquyjQ0-1fyKd0T3xBWJvn+xsFA@mail.gmail.com
Author: Dean Rasheed, though I added the new hooks and test module.
2015-04-22 18:01:06 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Make sure the query is marked correctly if row level security
|
|
|
|
|
* applies, or if the new quals had sublinks.
|
|
|
|
|
*/
|
|
|
|
|
if (hasRowSecurity)
|
|
|
|
|
parsetree->hasRowSecurity = true;
|
|
|
|
|
if (hasSubLinks)
|
|
|
|
|
parsetree->hasSubLinks = true;
|
|
|
|
|
|
|
|
|
|
heap_close(rel, NoLock);
|
|
|
|
|
}
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
return parsetree;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
/*
|
2002-10-20 02:58:55 +02:00
|
|
|
* Modify the given query by adding 'AND rule_qual IS NOT TRUE' to its
|
|
|
|
|
* qualification. This is used to generate suitable "else clauses" for
|
|
|
|
|
* conditional INSTEAD rules. (Unfortunately we must use "x IS NOT TRUE",
|
|
|
|
|
* not just "NOT x" which the planner is much smarter about, else we will
|
|
|
|
|
* do the wrong thing when the qual evaluates to NULL.)
|
2000-12-05 20:15:10 +01:00
|
|
|
*
|
2014-05-06 18:12:18 +02:00
|
|
|
* The rule_qual may contain references to OLD or NEW. OLD references are
|
2000-12-05 20:15:10 +01:00
|
|
|
* replaced by references to the specified rt_index (the relation that the
|
|
|
|
|
* rule applies to). NEW references are only possible for INSERT and UPDATE
|
|
|
|
|
* queries on the relation itself, and so they should be replaced by copies
|
|
|
|
|
* of the related entries in the query's own targetlist.
|
|
|
|
|
*/
|
1997-09-08 04:41:22 +02:00
|
|
|
static Query *
|
2002-10-20 02:58:55 +02:00
|
|
|
CopyAndAddInvertedQual(Query *parsetree,
|
|
|
|
|
Node *rule_qual,
|
|
|
|
|
int rt_index,
|
|
|
|
|
CmdType event)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2005-06-04 01:05:30 +02:00
|
|
|
/* Don't scribble on the passed qual (it's in the relcache!) */
|
2017-03-09 21:18:59 +01:00
|
|
|
Node *new_qual = copyObject(rule_qual);
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
acquireLocksOnSubLinks_context context;
|
|
|
|
|
|
|
|
|
|
context.for_execute = true;
|
2000-12-05 20:15:10 +01:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
/*
|
|
|
|
|
* In case there are subqueries in the qual, acquire necessary locks and
|
|
|
|
|
* fix any deleted JOIN RTE entries. (This is somewhat redundant with
|
2005-10-15 04:49:52 +02:00
|
|
|
* rewriteRuleAction, but not entirely ... consider restructuring so that
|
|
|
|
|
* we only need to process the qual this way once.)
|
2005-06-04 01:05:30 +02:00
|
|
|
*/
|
Avoid getting more than AccessShareLock when deparsing a query.
In make_ruledef and get_query_def, we have long used AcquireRewriteLocks
to ensure that the querytree we are about to deparse is up-to-date and
the schemas of the underlying relations aren't changing. Howwever, that
function thinks the query is about to be executed, so it acquires locks
that are stronger than necessary for the purpose of deparsing. Thus for
example, if pg_dump asks to deparse a rule that includes "INSERT INTO t",
we'd acquire RowExclusiveLock on t. That results in interference with
concurrent transactions that might for example ask for ShareLock on t.
Since pg_dump is documented as being purely read-only, this is unexpected.
(Worse, it used to actually be read-only; this behavior dates back only
to 8.1, cf commit ba4200246.)
Fix this by adding a parameter to AcquireRewriteLocks to tell it whether
we want the "real" execution locks or only AccessShareLock.
Report, diagnosis, and patch by Dean Rasheed. Back-patch to all supported
branches.
2014-03-07 01:31:05 +01:00
|
|
|
(void) acquireLocksOnSubLinks(new_qual, &context);
|
2005-06-04 01:05:30 +02:00
|
|
|
|
2000-12-05 20:15:10 +01:00
|
|
|
/* Fix references to OLD */
|
|
|
|
|
ChangeVarNodes(new_qual, PRS2_OLD_VARNO, rt_index, 0);
|
|
|
|
|
/* Fix references to NEW */
|
|
|
|
|
if (event == CMD_INSERT || event == CMD_UPDATE)
|
2012-11-08 22:52:49 +01:00
|
|
|
new_qual = ReplaceVarsFromTargetList(new_qual,
|
|
|
|
|
PRS2_NEW_VARNO,
|
|
|
|
|
0,
|
|
|
|
|
rt_fetch(rt_index,
|
|
|
|
|
parsetree->rtable),
|
|
|
|
|
parsetree->targetList,
|
|
|
|
|
(event == CMD_UPDATE) ?
|
|
|
|
|
REPLACEVARS_CHANGE_VARNO :
|
|
|
|
|
REPLACEVARS_SUBSTITUTE_NULL,
|
|
|
|
|
rt_index,
|
|
|
|
|
&parsetree->hasSubLinks);
|
2000-12-05 20:15:10 +01:00
|
|
|
/* And attach the fixed qual */
|
2005-06-04 01:05:30 +02:00
|
|
|
AddInvertedQual(parsetree, new_qual);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
return parsetree;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
1997-09-07 07:04:48 +02:00
|
|
|
* fireRules -
|
1998-08-18 02:49:04 +02:00
|
|
|
* Iterate through rule locks applying rules.
|
1998-09-01 06:40:42 +02:00
|
|
|
*
|
2002-10-19 21:00:47 +02:00
|
|
|
* Input arguments:
|
|
|
|
|
* parsetree - original query
|
|
|
|
|
* rt_index - RT index of result relation in original query
|
|
|
|
|
* event - type of rule event
|
|
|
|
|
* locks - list of rules to fire
|
|
|
|
|
* Output arguments:
|
|
|
|
|
* *instead_flag - set TRUE if any unqualified INSTEAD rule is found
|
|
|
|
|
* (must be initialized to FALSE)
|
2006-09-02 19:06:52 +02:00
|
|
|
* *returning_flag - set TRUE if we rewrite RETURNING clause in any rule
|
|
|
|
|
* (must be initialized to FALSE)
|
2002-10-19 21:00:47 +02:00
|
|
|
* *qual_product - filled with modified original query if any qualified
|
|
|
|
|
* INSTEAD rule is found (must be initialized to NULL)
|
|
|
|
|
* Return value:
|
|
|
|
|
* list of rule actions adjusted for use with this query
|
1996-07-09 08:22:35 +02:00
|
|
|
*
|
2002-10-19 21:00:47 +02:00
|
|
|
* Qualified INSTEAD rules generate their action with the qualification
|
|
|
|
|
* condition added. They also generate a modified version of the original
|
|
|
|
|
* query with the negated qualification added, so that it will run only for
|
|
|
|
|
* rows that the qualified action doesn't act on. (If there are multiple
|
|
|
|
|
* qualified INSTEAD rules, we AND all the negated quals onto a single
|
|
|
|
|
* modified original query.) We won't execute the original, unmodified
|
2014-05-06 18:12:18 +02:00
|
|
|
* query if we find either qualified or unqualified INSTEAD rules. If
|
2002-10-19 21:00:47 +02:00
|
|
|
* we find both, the modified original query is discarded too.
|
1996-07-09 08:22:35 +02:00
|
|
|
*/
|
1997-09-08 04:41:22 +02:00
|
|
|
static List *
|
1997-09-08 23:56:23 +02:00
|
|
|
fireRules(Query *parsetree,
|
1997-09-07 07:04:48 +02:00
|
|
|
int rt_index,
|
|
|
|
|
CmdType event,
|
1997-09-08 23:56:23 +02:00
|
|
|
List *locks,
|
2002-10-19 21:00:47 +02:00
|
|
|
bool *instead_flag,
|
2006-09-02 19:06:52 +02:00
|
|
|
bool *returning_flag,
|
2002-10-19 21:00:47 +02:00
|
|
|
Query **qual_product)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
1997-09-08 04:41:22 +02:00
|
|
|
List *results = NIL;
|
2004-05-26 06:41:50 +02:00
|
|
|
ListCell *l;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2004-05-26 06:41:50 +02:00
|
|
|
foreach(l, locks)
|
1997-09-07 07:04:48 +02:00
|
|
|
{
|
2004-05-26 06:41:50 +02:00
|
|
|
RewriteRule *rule_lock = (RewriteRule *) lfirst(l);
|
2002-10-19 21:00:47 +02:00
|
|
|
Node *event_qual = rule_lock->qual;
|
|
|
|
|
List *actions = rule_lock->actions;
|
2003-08-04 02:43:34 +02:00
|
|
|
QuerySource qsrc;
|
2004-05-26 06:41:50 +02:00
|
|
|
ListCell *r;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2002-10-15 00:14:35 +02:00
|
|
|
/* Determine correct QuerySource value for actions */
|
|
|
|
|
if (rule_lock->isInstead)
|
|
|
|
|
{
|
|
|
|
|
if (event_qual != NULL)
|
|
|
|
|
qsrc = QSRC_QUAL_INSTEAD_RULE;
|
|
|
|
|
else
|
2002-10-19 21:00:47 +02:00
|
|
|
{
|
2002-10-15 00:14:35 +02:00
|
|
|
qsrc = QSRC_INSTEAD_RULE;
|
2003-08-04 02:43:34 +02:00
|
|
|
*instead_flag = true; /* report unqualified INSTEAD */
|
2002-10-19 21:00:47 +02:00
|
|
|
}
|
2002-10-15 00:14:35 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
qsrc = QSRC_NON_INSTEAD_RULE;
|
|
|
|
|
|
|
|
|
|
if (qsrc == QSRC_QUAL_INSTEAD_RULE)
|
1998-09-01 06:40:42 +02:00
|
|
|
{
|
2001-03-22 07:16:21 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* If there are INSTEAD rules with qualifications, the original
|
|
|
|
|
* query is still performed. But all the negated rule
|
|
|
|
|
* qualifications of the INSTEAD rules are added so it does its
|
|
|
|
|
* actions only in cases where the rule quals of all INSTEAD rules
|
|
|
|
|
* are false. Think of it as the default action in a case. We save
|
|
|
|
|
* this in *qual_product so RewriteQuery() can add it to the query
|
|
|
|
|
* list after we mangled it up enough.
|
2002-10-19 21:00:47 +02:00
|
|
|
*
|
2003-08-04 02:43:34 +02:00
|
|
|
* If we have already found an unqualified INSTEAD rule, then
|
|
|
|
|
* *qual_product won't be used, so don't bother building it.
|
1998-08-18 02:49:04 +02:00
|
|
|
*/
|
2003-08-04 02:43:34 +02:00
|
|
|
if (!*instead_flag)
|
2002-10-19 21:00:47 +02:00
|
|
|
{
|
|
|
|
|
if (*qual_product == NULL)
|
2005-06-04 01:05:30 +02:00
|
|
|
*qual_product = copyObject(parsetree);
|
2002-10-20 02:58:55 +02:00
|
|
|
*qual_product = CopyAndAddInvertedQual(*qual_product,
|
|
|
|
|
event_qual,
|
|
|
|
|
rt_index,
|
|
|
|
|
event);
|
2002-10-19 21:00:47 +02:00
|
|
|
}
|
1998-08-18 02:49:04 +02:00
|
|
|
}
|
|
|
|
|
|
2002-10-15 00:14:35 +02:00
|
|
|
/* Now process the rule's actions and add them to the result list */
|
1997-09-07 07:04:48 +02:00
|
|
|
foreach(r, actions)
|
|
|
|
|
{
|
1997-09-08 04:41:22 +02:00
|
|
|
Query *rule_action = lfirst(r);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
1998-08-18 02:49:04 +02:00
|
|
|
if (rule_action->commandType == CMD_NOTHING)
|
|
|
|
|
continue;
|
|
|
|
|
|
2001-06-13 20:56:30 +02:00
|
|
|
rule_action = rewriteRuleAction(parsetree, rule_action,
|
2006-09-02 19:06:52 +02:00
|
|
|
event_qual, rt_index, event,
|
|
|
|
|
returning_flag);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2002-10-15 00:14:35 +02:00
|
|
|
rule_action->querySource = qsrc;
|
2003-05-02 22:54:36 +02:00
|
|
|
rule_action->canSetTag = false; /* might change later */
|
2002-10-15 00:14:35 +02:00
|
|
|
|
2001-06-13 20:56:30 +02:00
|
|
|
results = lappend(results, rule_action);
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
|
|
|
|
}
|
2002-10-15 00:14:35 +02:00
|
|
|
|
1997-09-07 07:04:48 +02:00
|
|
|
return results;
|
1996-07-09 08:22:35 +02:00
|
|
|
}
|
|
|
|
|
|
1998-08-18 02:49:04 +02:00
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
|
|
|
|
* get_view_query - get the Query from a view's _RETURN rule.
|
|
|
|
|
*
|
|
|
|
|
* Caller should have verified that the relation is a view, and therefore
|
|
|
|
|
* we should find an ON SELECT action.
|
2015-12-21 16:34:14 +01:00
|
|
|
*
|
|
|
|
|
* Note that the pointer returned is into the relcache and therefore must
|
|
|
|
|
* be treated as read-only to the caller and not modified or scribbled on.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
2013-07-18 23:10:16 +02:00
|
|
|
Query *
|
2012-12-09 00:25:48 +01:00
|
|
|
get_view_query(Relation view)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
Assert(view->rd_rel->relkind == RELKIND_VIEW);
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < view->rd_rules->numLocks; i++)
|
|
|
|
|
{
|
|
|
|
|
RewriteRule *rule = view->rd_rules->rules[i];
|
|
|
|
|
|
|
|
|
|
if (rule->event == CMD_SELECT)
|
|
|
|
|
{
|
|
|
|
|
/* A _RETURN rule should have only one action */
|
|
|
|
|
if (list_length(rule->actions) != 1)
|
|
|
|
|
elog(ERROR, "invalid _RETURN rule action specification");
|
|
|
|
|
|
|
|
|
|
return (Query *) linitial(rule->actions);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
elog(ERROR, "failed to find _RETURN rule for view");
|
|
|
|
|
return NULL; /* keep compiler quiet */
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* view_has_instead_trigger - does view have an INSTEAD OF trigger for event?
|
|
|
|
|
*
|
|
|
|
|
* If it does, we don't want to treat it as auto-updatable. This test can't
|
2013-10-18 16:35:36 +02:00
|
|
|
* be folded into view_query_is_auto_updatable because it's not an error
|
|
|
|
|
* condition.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
static bool
|
|
|
|
|
view_has_instead_trigger(Relation view, CmdType event)
|
|
|
|
|
{
|
|
|
|
|
TriggerDesc *trigDesc = view->trigdesc;
|
|
|
|
|
|
|
|
|
|
switch (event)
|
|
|
|
|
{
|
|
|
|
|
case CMD_INSERT:
|
|
|
|
|
if (trigDesc && trigDesc->trig_insert_instead_row)
|
|
|
|
|
return true;
|
|
|
|
|
break;
|
|
|
|
|
case CMD_UPDATE:
|
|
|
|
|
if (trigDesc && trigDesc->trig_update_instead_row)
|
|
|
|
|
return true;
|
|
|
|
|
break;
|
|
|
|
|
case CMD_DELETE:
|
|
|
|
|
if (trigDesc && trigDesc->trig_delete_instead_row)
|
|
|
|
|
return true;
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
elog(ERROR, "unrecognized CmdType: %d", (int) event);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2013-10-18 16:35:36 +02:00
|
|
|
* view_col_is_auto_updatable - test whether the specified column of a view
|
|
|
|
|
* is auto-updatable. Returns NULL (if the column can be updated) or a message
|
|
|
|
|
* string giving the reason that it cannot be.
|
2013-07-18 23:10:16 +02:00
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* Note that the checks performed here are local to this view. We do not check
|
|
|
|
|
* whether the referenced column of the underlying base relation is updatable.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
2013-10-18 16:35:36 +02:00
|
|
|
static const char *
|
|
|
|
|
view_col_is_auto_updatable(RangeTblRef *rtr, TargetEntry *tle)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
2013-10-18 16:35:36 +02:00
|
|
|
Var *var = (Var *) tle->expr;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For now, the only updatable columns we support are those that are Vars
|
|
|
|
|
* referring to user columns of the underlying base relation.
|
|
|
|
|
*
|
|
|
|
|
* The view targetlist may contain resjunk columns (e.g., a view defined
|
|
|
|
|
* like "SELECT * FROM t ORDER BY a+b" is auto-updatable) but such columns
|
|
|
|
|
* are not auto-updatable, and in fact should never appear in the outer
|
|
|
|
|
* query's targetlist.
|
|
|
|
|
*/
|
|
|
|
|
if (tle->resjunk)
|
|
|
|
|
return gettext_noop("Junk view columns are not updatable.");
|
|
|
|
|
|
|
|
|
|
if (!IsA(var, Var) ||
|
|
|
|
|
var->varno != rtr->rtindex ||
|
|
|
|
|
var->varlevelsup != 0)
|
|
|
|
|
return gettext_noop("View columns that are not columns of their base relation are not updatable.");
|
|
|
|
|
|
|
|
|
|
if (var->varattno < 0)
|
|
|
|
|
return gettext_noop("View columns that refer to system columns are not updatable.");
|
|
|
|
|
|
|
|
|
|
if (var->varattno == 0)
|
|
|
|
|
return gettext_noop("View columns that return whole-row references are not updatable.");
|
2013-07-18 23:10:16 +02:00
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
return NULL; /* the view column is updatable */
|
2013-07-18 23:10:16 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2013-10-18 16:35:36 +02:00
|
|
|
* view_query_is_auto_updatable - test whether the specified view definition
|
|
|
|
|
* represents an auto-updatable view. Returns NULL (if the view can be updated)
|
|
|
|
|
* or a message string giving the reason that it cannot be.
|
2013-07-18 23:10:16 +02:00
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* If check_cols is true, the view is required to have at least one updatable
|
|
|
|
|
* column (necessary for INSERT/UPDATE). Otherwise the view's columns are not
|
|
|
|
|
* checked for updatability. See also view_cols_are_auto_updatable.
|
2013-07-18 23:10:16 +02:00
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* Note that the checks performed here are only based on the view definition.
|
|
|
|
|
* We do not check whether any base relations referred to by the view are
|
|
|
|
|
* updatable.
|
2013-07-18 23:10:16 +02:00
|
|
|
*/
|
|
|
|
|
const char *
|
2014-04-13 03:04:58 +02:00
|
|
|
view_query_is_auto_updatable(Query *viewquery, bool check_cols)
|
2013-07-18 23:10:16 +02:00
|
|
|
{
|
2012-12-09 00:25:48 +01:00
|
|
|
RangeTblRef *rtr;
|
|
|
|
|
RangeTblEntry *base_rte;
|
|
|
|
|
|
|
|
|
|
/*----------
|
|
|
|
|
* Check if the view is simply updatable. According to SQL-92 this means:
|
|
|
|
|
* - No DISTINCT clause.
|
|
|
|
|
* - Each TLE is a column reference, and each column appears at most once.
|
|
|
|
|
* - FROM contains exactly one base relation.
|
|
|
|
|
* - No GROUP BY or HAVING clauses.
|
|
|
|
|
* - No set operations (UNION, INTERSECT or EXCEPT).
|
|
|
|
|
* - No sub-queries in the WHERE clause that reference the target table.
|
|
|
|
|
*
|
|
|
|
|
* We ignore that last restriction since it would be complex to enforce
|
|
|
|
|
* and there isn't any actual benefit to disallowing sub-queries. (The
|
|
|
|
|
* semantic issues that the standard is presumably concerned about don't
|
|
|
|
|
* arise in Postgres, since any such sub-query will not see any updates
|
|
|
|
|
* executed by the outer query anyway, thanks to MVCC snapshotting.)
|
|
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* We also relax the second restriction by supporting part of SQL:1999
|
|
|
|
|
* feature T111, which allows for a mix of updatable and non-updatable
|
|
|
|
|
* columns, provided that an INSERT or UPDATE doesn't attempt to assign to
|
|
|
|
|
* a non-updatable column.
|
|
|
|
|
*
|
2012-12-09 00:25:48 +01:00
|
|
|
* In addition we impose these constraints, involving features that are
|
|
|
|
|
* not part of SQL-92:
|
|
|
|
|
* - No CTEs (WITH clauses).
|
|
|
|
|
* - No OFFSET or LIMIT clauses (this matches a SQL:2008 restriction).
|
|
|
|
|
* - No system columns (including whole-row references) in the tlist.
|
2013-10-18 16:35:36 +02:00
|
|
|
* - No window functions in the tlist.
|
|
|
|
|
* - No set-returning functions in the tlist.
|
2012-12-09 00:25:48 +01:00
|
|
|
*
|
|
|
|
|
* Note that we do these checks without recursively expanding the view.
|
|
|
|
|
* If the base relation is a view, we'll recursively deal with it later.
|
|
|
|
|
*----------
|
|
|
|
|
*/
|
|
|
|
|
if (viewquery->distinctClause != NIL)
|
|
|
|
|
return gettext_noop("Views containing DISTINCT are not automatically updatable.");
|
|
|
|
|
|
Support GROUPING SETS, CUBE and ROLLUP.
This SQL standard functionality allows to aggregate data by different
GROUP BY clauses at once. Each grouping set returns rows with columns
grouped by in other sets set to NULL.
This could previously be achieved by doing each grouping as a separate
query, conjoined by UNION ALLs. Besides being considerably more concise,
grouping sets will in many cases be faster, requiring only one scan over
the underlying data.
The current implementation of grouping sets only supports using sorting
for input. Individual sets that share a sort order are computed in one
pass. If there are sets that don't share a sort order, additional sort &
aggregation steps are performed. These additional passes are sourced by
the previous sort step; thus avoiding repeated scans of the source data.
The code is structured in a way that adding support for purely using
hash aggregation or a mix of hashing and sorting is possible. Sorting
was chosen to be supported first, as it is the most generic method of
implementation.
Instead of, as in an earlier versions of the patch, representing the
chain of sort and aggregation steps as full blown planner and executor
nodes, all but the first sort are performed inside the aggregation node
itself. This avoids the need to do some unusual gymnastics to handle
having to return aggregated and non-aggregated tuples from underlying
nodes, as well as having to shut down underlying nodes early to limit
memory usage. The optimizer still builds Sort/Agg node to describe each
phase, but they're not part of the plan tree, but instead additional
data for the aggregation node. They're a convenient and preexisting way
to describe aggregation and sorting. The first (and possibly only) sort
step is still performed as a separate execution step. That retains
similarity with existing group by plans, makes rescans fairly simple,
avoids very deep plans (leading to slow explains) and easily allows to
avoid the sorting step if the underlying data is sorted by other means.
A somewhat ugly side of this patch is having to deal with a grammar
ambiguity between the new CUBE keyword and the cube extension/functions
named cube (and rollup). To avoid breaking existing deployments of the
cube extension it has not been renamed, neither has cube been made a
reserved keyword. Instead precedence hacking is used to make GROUP BY
cube(..) refer to the CUBE grouping sets feature, and not the function
cube(). To actually group by a function cube(), unlikely as that might
be, the function name has to be quoted.
Needs a catversion bump because stored rules may change.
Author: Andrew Gierth and Atri Sharma, with contributions from Andres Freund
Reviewed-By: Andres Freund, Noah Misch, Tom Lane, Svenne Krap, Tomas
Vondra, Erik Rijkers, Marti Raudsepp, Pavel Stehule
Discussion: CAOeZVidmVRe2jU6aMk_5qkxnB7dfmPROzM7Ur8JPW5j8Y5X-Lw@mail.gmail.com
2015-05-16 03:40:59 +02:00
|
|
|
if (viewquery->groupClause != NIL || viewquery->groupingSets)
|
2012-12-09 00:25:48 +01:00
|
|
|
return gettext_noop("Views containing GROUP BY are not automatically updatable.");
|
|
|
|
|
|
|
|
|
|
if (viewquery->havingQual != NULL)
|
|
|
|
|
return gettext_noop("Views containing HAVING are not automatically updatable.");
|
|
|
|
|
|
|
|
|
|
if (viewquery->setOperations != NULL)
|
2013-04-14 17:12:30 +02:00
|
|
|
return gettext_noop("Views containing UNION, INTERSECT, or EXCEPT are not automatically updatable.");
|
2012-12-09 00:25:48 +01:00
|
|
|
|
|
|
|
|
if (viewquery->cteList != NIL)
|
|
|
|
|
return gettext_noop("Views containing WITH are not automatically updatable.");
|
|
|
|
|
|
|
|
|
|
if (viewquery->limitOffset != NULL || viewquery->limitCount != NULL)
|
|
|
|
|
return gettext_noop("Views containing LIMIT or OFFSET are not automatically updatable.");
|
|
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
/*
|
|
|
|
|
* We must not allow window functions or set returning functions in the
|
|
|
|
|
* targetlist. Otherwise we might end up inserting them into the quals of
|
|
|
|
|
* the main query. We must also check for aggregates in the targetlist in
|
|
|
|
|
* case they appear without a GROUP BY.
|
|
|
|
|
*
|
|
|
|
|
* These restrictions ensure that each row of the view corresponds to a
|
|
|
|
|
* unique row in the underlying base relation.
|
|
|
|
|
*/
|
|
|
|
|
if (viewquery->hasAggs)
|
2014-08-29 06:01:34 +02:00
|
|
|
return gettext_noop("Views that return aggregate functions are not automatically updatable.");
|
2013-10-18 16:35:36 +02:00
|
|
|
|
|
|
|
|
if (viewquery->hasWindowFuncs)
|
2014-08-29 06:01:34 +02:00
|
|
|
return gettext_noop("Views that return window functions are not automatically updatable.");
|
2013-10-18 16:35:36 +02:00
|
|
|
|
2016-09-13 19:54:24 +02:00
|
|
|
if (viewquery->hasTargetSRFs)
|
2013-10-18 16:35:36 +02:00
|
|
|
return gettext_noop("Views that return set-returning functions are not automatically updatable.");
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
|
|
|
|
* The view query should select from a single base relation, which must be
|
|
|
|
|
* a table or another view.
|
|
|
|
|
*/
|
|
|
|
|
if (list_length(viewquery->jointree->fromlist) != 1)
|
|
|
|
|
return gettext_noop("Views that do not select from a single table or view are not automatically updatable.");
|
|
|
|
|
|
|
|
|
|
rtr = (RangeTblRef *) linitial(viewquery->jointree->fromlist);
|
|
|
|
|
if (!IsA(rtr, RangeTblRef))
|
|
|
|
|
return gettext_noop("Views that do not select from a single table or view are not automatically updatable.");
|
|
|
|
|
|
|
|
|
|
base_rte = rt_fetch(rtr->rtindex, viewquery->rtable);
|
|
|
|
|
if (base_rte->rtekind != RTE_RELATION ||
|
|
|
|
|
(base_rte->relkind != RELKIND_RELATION &&
|
2013-06-12 23:52:54 +02:00
|
|
|
base_rte->relkind != RELKIND_FOREIGN_TABLE &&
|
2017-01-24 21:46:50 +01:00
|
|
|
base_rte->relkind != RELKIND_VIEW &&
|
|
|
|
|
base_rte->relkind != RELKIND_PARTITIONED_TABLE))
|
2012-12-09 00:25:48 +01:00
|
|
|
return gettext_noop("Views that do not select from a single table or view are not automatically updatable.");
|
|
|
|
|
|
2015-05-15 20:37:10 +02:00
|
|
|
if (base_rte->tablesample)
|
|
|
|
|
return gettext_noop("Views containing TABLESAMPLE are not automatically updatable.");
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
2013-10-18 16:35:36 +02:00
|
|
|
* Check that the view has at least one updatable column. This is required
|
|
|
|
|
* for INSERT/UPDATE but not for DELETE.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
2013-10-18 16:35:36 +02:00
|
|
|
if (check_cols)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
2013-10-18 16:35:36 +02:00
|
|
|
ListCell *cell;
|
|
|
|
|
bool found;
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
found = false;
|
|
|
|
|
foreach(cell, viewquery->targetList)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(cell);
|
|
|
|
|
|
|
|
|
|
if (view_col_is_auto_updatable(rtr, tle) == NULL)
|
|
|
|
|
{
|
|
|
|
|
found = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
if (!found)
|
|
|
|
|
return gettext_noop("Views that have no updatable columns are not automatically updatable.");
|
|
|
|
|
}
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
return NULL; /* the view is updatable */
|
|
|
|
|
}
|
2012-12-09 00:25:48 +01:00
|
|
|
|
|
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
/*
|
|
|
|
|
* view_cols_are_auto_updatable - test whether all of the required columns of
|
|
|
|
|
* an auto-updatable view are actually updatable. Returns NULL (if all the
|
|
|
|
|
* required columns can be updated) or a message string giving the reason that
|
|
|
|
|
* they cannot be.
|
|
|
|
|
*
|
|
|
|
|
* This should be used for INSERT/UPDATE to ensure that we don't attempt to
|
|
|
|
|
* assign to any non-updatable columns.
|
|
|
|
|
*
|
|
|
|
|
* Additionally it may be used to retrieve the set of updatable columns in the
|
|
|
|
|
* view, or if one or more of the required columns is not updatable, the name
|
|
|
|
|
* of the first offending non-updatable column.
|
|
|
|
|
*
|
|
|
|
|
* The caller must have already verified that this is an auto-updatable view
|
|
|
|
|
* using view_query_is_auto_updatable.
|
|
|
|
|
*
|
|
|
|
|
* Note that the checks performed here are only based on the view definition.
|
|
|
|
|
* We do not check whether the referenced columns of the base relation are
|
|
|
|
|
* updatable.
|
|
|
|
|
*/
|
|
|
|
|
static const char *
|
|
|
|
|
view_cols_are_auto_updatable(Query *viewquery,
|
|
|
|
|
Bitmapset *required_cols,
|
|
|
|
|
Bitmapset **updatable_cols,
|
|
|
|
|
char **non_updatable_col)
|
|
|
|
|
{
|
|
|
|
|
RangeTblRef *rtr;
|
|
|
|
|
AttrNumber col;
|
|
|
|
|
ListCell *cell;
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
/*
|
2014-05-06 18:12:18 +02:00
|
|
|
* The caller should have verified that this view is auto-updatable and so
|
|
|
|
|
* there should be a single base relation.
|
2013-10-18 16:35:36 +02:00
|
|
|
*/
|
|
|
|
|
Assert(list_length(viewquery->jointree->fromlist) == 1);
|
2017-02-21 17:33:07 +01:00
|
|
|
rtr = castNode(RangeTblRef, linitial(viewquery->jointree->fromlist));
|
2013-10-18 16:35:36 +02:00
|
|
|
|
|
|
|
|
/* Initialize the optional return values */
|
|
|
|
|
if (updatable_cols != NULL)
|
|
|
|
|
*updatable_cols = NULL;
|
|
|
|
|
if (non_updatable_col != NULL)
|
|
|
|
|
*non_updatable_col = NULL;
|
|
|
|
|
|
|
|
|
|
/* Test each view column for updatability */
|
|
|
|
|
col = -FirstLowInvalidHeapAttributeNumber;
|
|
|
|
|
foreach(cell, viewquery->targetList)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(cell);
|
|
|
|
|
const char *col_update_detail;
|
|
|
|
|
|
|
|
|
|
col++;
|
|
|
|
|
col_update_detail = view_col_is_auto_updatable(rtr, tle);
|
|
|
|
|
|
|
|
|
|
if (col_update_detail == NULL)
|
|
|
|
|
{
|
|
|
|
|
/* The column is updatable */
|
|
|
|
|
if (updatable_cols != NULL)
|
|
|
|
|
*updatable_cols = bms_add_member(*updatable_cols, col);
|
|
|
|
|
}
|
|
|
|
|
else if (bms_is_member(col, required_cols))
|
|
|
|
|
{
|
|
|
|
|
/* The required column is not updatable */
|
|
|
|
|
if (non_updatable_col != NULL)
|
|
|
|
|
*non_updatable_col = tle->resname;
|
|
|
|
|
return col_update_detail;
|
|
|
|
|
}
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
|
2014-05-06 18:12:18 +02:00
|
|
|
return NULL; /* all the required view columns are updatable */
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2013-06-12 23:52:54 +02:00
|
|
|
* relation_is_updatable - determine which update events the specified
|
|
|
|
|
* relation supports.
|
2012-12-09 00:25:48 +01:00
|
|
|
*
|
2013-10-18 16:35:36 +02:00
|
|
|
* Note that views may contain a mix of updatable and non-updatable columns.
|
|
|
|
|
* For a view to support INSERT/UPDATE it must have at least one updatable
|
|
|
|
|
* column, but there is no such restriction for DELETE. If include_cols is
|
|
|
|
|
* non-NULL, then only the specified columns are considered when testing for
|
|
|
|
|
* updatability.
|
|
|
|
|
*
|
2012-12-09 00:25:48 +01:00
|
|
|
* This is used for the information_schema views, which have separate concepts
|
2014-05-06 18:12:18 +02:00
|
|
|
* of "updatable" and "trigger updatable". A relation is "updatable" if it
|
2012-12-09 00:25:48 +01:00
|
|
|
* can be updated without the need for triggers (either because it has a
|
|
|
|
|
* suitable RULE, or because it is simple enough to be automatically updated).
|
|
|
|
|
* A relation is "trigger updatable" if it has a suitable INSTEAD OF trigger.
|
|
|
|
|
* The SQL standard regards this as not necessarily updatable, presumably
|
|
|
|
|
* because there is no way of knowing what the trigger will actually do.
|
2013-06-12 23:52:54 +02:00
|
|
|
* The information_schema views therefore call this function with
|
|
|
|
|
* include_triggers = false. However, other callers might only care whether
|
|
|
|
|
* data-modifying SQL will work, so they can pass include_triggers = true
|
|
|
|
|
* to have trigger updatability included in the result.
|
2012-12-09 00:25:48 +01:00
|
|
|
*
|
2013-06-12 23:52:54 +02:00
|
|
|
* The return value is a bitmask of rule event numbers indicating which of
|
2014-05-06 18:12:18 +02:00
|
|
|
* the INSERT, UPDATE and DELETE operations are supported. (We do it this way
|
2013-06-12 23:52:54 +02:00
|
|
|
* so that we can test for UPDATE plus DELETE support in a single call.)
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
2013-06-12 23:52:54 +02:00
|
|
|
int
|
2013-10-18 16:35:36 +02:00
|
|
|
relation_is_updatable(Oid reloid,
|
|
|
|
|
bool include_triggers,
|
|
|
|
|
Bitmapset *include_cols)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
2013-06-12 23:52:54 +02:00
|
|
|
int events = 0;
|
2012-12-09 00:25:48 +01:00
|
|
|
Relation rel;
|
|
|
|
|
RuleLock *rulelocks;
|
|
|
|
|
|
2013-06-12 23:52:54 +02:00
|
|
|
#define ALL_EVENTS ((1 << CMD_INSERT) | (1 << CMD_UPDATE) | (1 << CMD_DELETE))
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
rel = try_relation_open(reloid, AccessShareLock);
|
|
|
|
|
|
|
|
|
|
/*
|
2013-06-12 23:52:54 +02:00
|
|
|
* If the relation doesn't exist, return zero rather than throwing an
|
2013-05-29 22:58:43 +02:00
|
|
|
* error. This is helpful since scanning an information_schema view under
|
Use an MVCC snapshot, rather than SnapshotNow, for catalog scans.
SnapshotNow scans have the undesirable property that, in the face of
concurrent updates, the scan can fail to see either the old or the new
versions of the row. In many cases, we work around this by requiring
DDL operations to hold AccessExclusiveLock on the object being
modified; in some cases, the existing locking is inadequate and random
failures occur as a result. This commit doesn't change anything
related to locking, but will hopefully pave the way to allowing lock
strength reductions in the future.
The major issue has held us back from making this change in the past
is that taking an MVCC snapshot is significantly more expensive than
using a static special snapshot such as SnapshotNow. However, testing
of various worst-case scenarios reveals that this problem is not
severe except under fairly extreme workloads. To mitigate those
problems, we avoid retaking the MVCC snapshot for each new scan;
instead, we take a new snapshot only when invalidation messages have
been processed. The catcache machinery already requires that
invalidation messages be sent before releasing the related heavyweight
lock; else other backends might rely on locally-cached data rather
than scanning the catalog at all. Thus, making snapshot reuse
dependent on the same guarantees shouldn't break anything that wasn't
already subtly broken.
Patch by me. Review by Michael Paquier and Andres Freund.
2013-07-02 15:47:01 +02:00
|
|
|
* MVCC rules can result in referencing rels that have actually been
|
|
|
|
|
* deleted already.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
if (rel == NULL)
|
2013-06-12 23:52:54 +02:00
|
|
|
return 0;
|
|
|
|
|
|
|
|
|
|
/* If the relation is a table, it is always updatable */
|
|
|
|
|
if (rel->rd_rel->relkind == RELKIND_RELATION)
|
|
|
|
|
{
|
|
|
|
|
relation_close(rel, AccessShareLock);
|
|
|
|
|
return ALL_EVENTS;
|
|
|
|
|
}
|
2012-12-09 00:25:48 +01:00
|
|
|
|
|
|
|
|
/* Look for unconditional DO INSTEAD rules, and note supported events */
|
|
|
|
|
rulelocks = rel->rd_rules;
|
|
|
|
|
if (rulelocks != NULL)
|
|
|
|
|
{
|
|
|
|
|
int i;
|
|
|
|
|
|
|
|
|
|
for (i = 0; i < rulelocks->numLocks; i++)
|
|
|
|
|
{
|
|
|
|
|
if (rulelocks->rules[i]->isInstead &&
|
|
|
|
|
rulelocks->rules[i]->qual == NULL)
|
|
|
|
|
{
|
2013-06-12 23:52:54 +02:00
|
|
|
events |= ((1 << rulelocks->rules[i]->event) & ALL_EVENTS);
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-12 23:52:54 +02:00
|
|
|
/* If we have rules for all events, we're done */
|
|
|
|
|
if (events == ALL_EVENTS)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
|
|
|
|
relation_close(rel, AccessShareLock);
|
2013-06-12 23:52:54 +02:00
|
|
|
return events;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Similarly look for INSTEAD OF triggers, if they are to be included */
|
|
|
|
|
if (include_triggers)
|
|
|
|
|
{
|
|
|
|
|
TriggerDesc *trigDesc = rel->trigdesc;
|
|
|
|
|
|
|
|
|
|
if (trigDesc)
|
|
|
|
|
{
|
|
|
|
|
if (trigDesc->trig_insert_instead_row)
|
|
|
|
|
events |= (1 << CMD_INSERT);
|
|
|
|
|
if (trigDesc->trig_update_instead_row)
|
|
|
|
|
events |= (1 << CMD_UPDATE);
|
|
|
|
|
if (trigDesc->trig_delete_instead_row)
|
|
|
|
|
events |= (1 << CMD_DELETE);
|
|
|
|
|
|
|
|
|
|
/* If we have triggers for all events, we're done */
|
|
|
|
|
if (events == ALL_EVENTS)
|
|
|
|
|
{
|
|
|
|
|
relation_close(rel, AccessShareLock);
|
|
|
|
|
return events;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* If this is a foreign table, check which update events it supports */
|
|
|
|
|
if (rel->rd_rel->relkind == RELKIND_FOREIGN_TABLE)
|
|
|
|
|
{
|
|
|
|
|
FdwRoutine *fdwroutine = GetFdwRoutineForRelation(rel, false);
|
|
|
|
|
|
|
|
|
|
if (fdwroutine->IsForeignRelUpdatable != NULL)
|
|
|
|
|
events |= fdwroutine->IsForeignRelUpdatable(rel);
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Assume presence of executor functions is sufficient */
|
|
|
|
|
if (fdwroutine->ExecForeignInsert != NULL)
|
|
|
|
|
events |= (1 << CMD_INSERT);
|
|
|
|
|
if (fdwroutine->ExecForeignUpdate != NULL)
|
|
|
|
|
events |= (1 << CMD_UPDATE);
|
|
|
|
|
if (fdwroutine->ExecForeignDelete != NULL)
|
|
|
|
|
events |= (1 << CMD_DELETE);
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
2013-06-12 23:52:54 +02:00
|
|
|
|
|
|
|
|
relation_close(rel, AccessShareLock);
|
|
|
|
|
return events;
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* Check if this is an automatically updatable view */
|
2013-10-18 16:35:36 +02:00
|
|
|
if (rel->rd_rel->relkind == RELKIND_VIEW)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
2013-10-18 16:35:36 +02:00
|
|
|
Query *viewquery = get_view_query(rel);
|
|
|
|
|
|
2014-04-13 03:04:58 +02:00
|
|
|
if (view_query_is_auto_updatable(viewquery, false) == NULL)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
2013-10-18 16:35:36 +02:00
|
|
|
Bitmapset *updatable_cols;
|
|
|
|
|
int auto_events;
|
|
|
|
|
RangeTblRef *rtr;
|
|
|
|
|
RangeTblEntry *base_rte;
|
|
|
|
|
Oid baseoid;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Determine which of the view's columns are updatable. If there
|
2014-05-06 18:12:18 +02:00
|
|
|
* are none within the set of columns we are looking at, then the
|
|
|
|
|
* view doesn't support INSERT/UPDATE, but it may still support
|
|
|
|
|
* DELETE.
|
2013-10-18 16:35:36 +02:00
|
|
|
*/
|
|
|
|
|
view_cols_are_auto_updatable(viewquery, NULL,
|
|
|
|
|
&updatable_cols, NULL);
|
|
|
|
|
|
|
|
|
|
if (include_cols != NULL)
|
|
|
|
|
updatable_cols = bms_int_members(updatable_cols, include_cols);
|
|
|
|
|
|
|
|
|
|
if (bms_is_empty(updatable_cols))
|
2014-05-06 18:12:18 +02:00
|
|
|
auto_events = (1 << CMD_DELETE); /* May support DELETE */
|
2013-10-18 16:35:36 +02:00
|
|
|
else
|
2014-05-06 18:12:18 +02:00
|
|
|
auto_events = ALL_EVENTS; /* May support all events */
|
2013-10-18 16:35:36 +02:00
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* The base relation must also support these update commands.
|
|
|
|
|
* Tables are always updatable, but for any other kind of base
|
|
|
|
|
* relation we must do a recursive check limited to the columns
|
|
|
|
|
* referenced by the locally updatable columns in this view.
|
|
|
|
|
*/
|
|
|
|
|
rtr = (RangeTblRef *) linitial(viewquery->jointree->fromlist);
|
|
|
|
|
base_rte = rt_fetch(rtr->rtindex, viewquery->rtable);
|
|
|
|
|
Assert(base_rte->rtekind == RTE_RELATION);
|
|
|
|
|
|
|
|
|
|
if (base_rte->relkind != RELKIND_RELATION)
|
|
|
|
|
{
|
|
|
|
|
baseoid = base_rte->relid;
|
|
|
|
|
include_cols = adjust_view_column_set(updatable_cols,
|
|
|
|
|
viewquery->targetList);
|
|
|
|
|
auto_events &= relation_is_updatable(baseoid,
|
|
|
|
|
include_triggers,
|
|
|
|
|
include_cols);
|
|
|
|
|
}
|
|
|
|
|
events |= auto_events;
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-06-12 23:52:54 +02:00
|
|
|
/* If we reach here, the relation may support some update commands */
|
2012-12-09 00:25:48 +01:00
|
|
|
relation_close(rel, AccessShareLock);
|
2013-06-12 23:52:54 +02:00
|
|
|
return events;
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* adjust_view_column_set - map a set of column numbers according to targetlist
|
|
|
|
|
*
|
|
|
|
|
* This is used with simply-updatable views to map column-permissions sets for
|
|
|
|
|
* the view columns onto the matching columns in the underlying base relation.
|
|
|
|
|
* The targetlist is expected to be a list of plain Vars of the underlying
|
2013-10-18 16:35:36 +02:00
|
|
|
* relation (as per the checks above in view_query_is_auto_updatable).
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
static Bitmapset *
|
|
|
|
|
adjust_view_column_set(Bitmapset *cols, List *targetlist)
|
|
|
|
|
{
|
|
|
|
|
Bitmapset *result = NULL;
|
2014-11-28 19:37:25 +01:00
|
|
|
int col;
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2014-11-28 19:37:25 +01:00
|
|
|
col = -1;
|
|
|
|
|
while ((col = bms_next_member(cols, col)) >= 0)
|
2012-12-09 00:25:48 +01:00
|
|
|
{
|
|
|
|
|
/* bit numbers are offset by FirstLowInvalidHeapAttributeNumber */
|
|
|
|
|
AttrNumber attno = col + FirstLowInvalidHeapAttributeNumber;
|
|
|
|
|
|
|
|
|
|
if (attno == InvalidAttrNumber)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* There's a whole-row reference to the view. For permissions
|
|
|
|
|
* purposes, treat it as a reference to each column available from
|
|
|
|
|
* the view. (We should *not* convert this to a whole-row
|
|
|
|
|
* reference to the base relation, since the view may not touch
|
|
|
|
|
* all columns of the base relation.)
|
|
|
|
|
*/
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
|
|
|
|
foreach(lc, targetlist)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(lc);
|
|
|
|
|
Var *var;
|
|
|
|
|
|
|
|
|
|
if (tle->resjunk)
|
|
|
|
|
continue;
|
2017-02-21 17:33:07 +01:00
|
|
|
var = castNode(Var, tle->expr);
|
2012-12-09 00:25:48 +01:00
|
|
|
result = bms_add_member(result,
|
|
|
|
|
var->varattno - FirstLowInvalidHeapAttributeNumber);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* Views do not have system columns, so we do not expect to see
|
|
|
|
|
* any other system attnos here. If we do find one, the error
|
|
|
|
|
* case will apply.
|
|
|
|
|
*/
|
|
|
|
|
TargetEntry *tle = get_tle_by_resno(targetlist, attno);
|
|
|
|
|
|
|
|
|
|
if (tle != NULL && !tle->resjunk && IsA(tle->expr, Var))
|
|
|
|
|
{
|
|
|
|
|
Var *var = (Var *) tle->expr;
|
|
|
|
|
|
|
|
|
|
result = bms_add_member(result,
|
|
|
|
|
var->varattno - FirstLowInvalidHeapAttributeNumber);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
elog(ERROR, "attribute number %d not found in view targetlist",
|
|
|
|
|
attno);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return result;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* rewriteTargetView -
|
|
|
|
|
* Attempt to rewrite a query where the target relation is a view, so that
|
|
|
|
|
* the view's base relation becomes the target relation.
|
|
|
|
|
*
|
|
|
|
|
* Note that the base relation here may itself be a view, which may or may not
|
2014-05-06 18:12:18 +02:00
|
|
|
* have INSTEAD OF triggers or rules to handle the update. That is handled by
|
2012-12-09 00:25:48 +01:00
|
|
|
* the recursion in RewriteQuery.
|
|
|
|
|
*/
|
|
|
|
|
static Query *
|
|
|
|
|
rewriteTargetView(Query *parsetree, Relation view)
|
|
|
|
|
{
|
|
|
|
|
Query *viewquery;
|
2013-10-18 16:35:36 +02:00
|
|
|
const char *auto_update_detail;
|
2012-12-09 00:25:48 +01:00
|
|
|
RangeTblRef *rtr;
|
|
|
|
|
int base_rt_index;
|
|
|
|
|
int new_rt_index;
|
|
|
|
|
RangeTblEntry *base_rte;
|
|
|
|
|
RangeTblEntry *view_rte;
|
|
|
|
|
RangeTblEntry *new_rte;
|
|
|
|
|
Relation base_rel;
|
|
|
|
|
List *view_targetlist;
|
|
|
|
|
ListCell *lc;
|
|
|
|
|
|
2015-12-21 16:34:14 +01:00
|
|
|
/*
|
|
|
|
|
* Get the Query from the view's ON SELECT rule. We're going to munge the
|
|
|
|
|
* Query to change the view's base relation into the target relation,
|
|
|
|
|
* along with various other changes along the way, so we need to make a
|
|
|
|
|
* copy of it (get_view_query() returns a pointer into the relcache, so we
|
|
|
|
|
* have to treat it as read-only).
|
|
|
|
|
*/
|
|
|
|
|
viewquery = copyObject(get_view_query(view));
|
2013-10-18 16:35:36 +02:00
|
|
|
|
2015-12-21 16:34:14 +01:00
|
|
|
/* The view must be updatable, else fail */
|
2013-10-18 16:35:36 +02:00
|
|
|
auto_update_detail =
|
|
|
|
|
view_query_is_auto_updatable(viewquery,
|
|
|
|
|
parsetree->commandType != CMD_DELETE);
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
if (auto_update_detail)
|
|
|
|
|
{
|
|
|
|
|
/* messages here should match execMain.c's CheckValidResultRel */
|
|
|
|
|
switch (parsetree->commandType)
|
|
|
|
|
{
|
|
|
|
|
case CMD_INSERT:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
|
errmsg("cannot insert into view \"%s\"",
|
|
|
|
|
RelationGetRelationName(view)),
|
|
|
|
|
errdetail_internal("%s", _(auto_update_detail)),
|
2013-08-15 05:00:34 +02:00
|
|
|
errhint("To enable inserting into the view, provide an INSTEAD OF INSERT trigger or an unconditional ON INSERT DO INSTEAD rule.")));
|
2012-12-09 00:25:48 +01:00
|
|
|
break;
|
|
|
|
|
case CMD_UPDATE:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
|
errmsg("cannot update view \"%s\"",
|
|
|
|
|
RelationGetRelationName(view)),
|
|
|
|
|
errdetail_internal("%s", _(auto_update_detail)),
|
2013-08-15 05:00:34 +02:00
|
|
|
errhint("To enable updating the view, provide an INSTEAD OF UPDATE trigger or an unconditional ON UPDATE DO INSTEAD rule.")));
|
2012-12-09 00:25:48 +01:00
|
|
|
break;
|
|
|
|
|
case CMD_DELETE:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
|
|
|
|
|
errmsg("cannot delete from view \"%s\"",
|
|
|
|
|
RelationGetRelationName(view)),
|
|
|
|
|
errdetail_internal("%s", _(auto_update_detail)),
|
2013-08-15 05:00:34 +02:00
|
|
|
errhint("To enable deleting from the view, provide an INSTEAD OF DELETE trigger or an unconditional ON DELETE DO INSTEAD rule.")));
|
2012-12-09 00:25:48 +01:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
elog(ERROR, "unrecognized CmdType: %d",
|
|
|
|
|
(int) parsetree->commandType);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
/*
|
|
|
|
|
* For INSERT/UPDATE the modified columns must all be updatable. Note that
|
|
|
|
|
* we get the modified columns from the query's targetlist, not from the
|
2015-05-08 00:20:46 +02:00
|
|
|
* result RTE's insertedCols and/or updatedCols set, since
|
|
|
|
|
* rewriteTargetListIU may have added additional targetlist entries for
|
|
|
|
|
* view defaults, and these must also be updatable.
|
2013-10-18 16:35:36 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType != CMD_DELETE)
|
|
|
|
|
{
|
|
|
|
|
Bitmapset *modified_cols = NULL;
|
|
|
|
|
char *non_updatable_col;
|
|
|
|
|
|
|
|
|
|
foreach(lc, parsetree->targetList)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(lc);
|
|
|
|
|
|
|
|
|
|
if (!tle->resjunk)
|
|
|
|
|
modified_cols = bms_add_member(modified_cols,
|
|
|
|
|
tle->resno - FirstLowInvalidHeapAttributeNumber);
|
|
|
|
|
}
|
|
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
if (parsetree->onConflict)
|
|
|
|
|
{
|
|
|
|
|
foreach(lc, parsetree->onConflict->onConflictSet)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(lc);
|
|
|
|
|
|
|
|
|
|
if (!tle->resjunk)
|
|
|
|
|
modified_cols = bms_add_member(modified_cols,
|
2015-05-24 03:35:49 +02:00
|
|
|
tle->resno - FirstLowInvalidHeapAttributeNumber);
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2013-10-18 16:35:36 +02:00
|
|
|
auto_update_detail = view_cols_are_auto_updatable(viewquery,
|
|
|
|
|
modified_cols,
|
|
|
|
|
NULL,
|
|
|
|
|
&non_updatable_col);
|
|
|
|
|
if (auto_update_detail)
|
|
|
|
|
{
|
|
|
|
|
/*
|
|
|
|
|
* This is a different error, caused by an attempt to update a
|
|
|
|
|
* non-updatable column in an otherwise updatable view.
|
|
|
|
|
*/
|
|
|
|
|
switch (parsetree->commandType)
|
|
|
|
|
{
|
|
|
|
|
case CMD_INSERT:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2014-05-06 18:12:18 +02:00
|
|
|
errmsg("cannot insert into column \"%s\" of view \"%s\"",
|
|
|
|
|
non_updatable_col,
|
|
|
|
|
RelationGetRelationName(view)),
|
|
|
|
|
errdetail_internal("%s", _(auto_update_detail))));
|
2013-10-18 16:35:36 +02:00
|
|
|
break;
|
|
|
|
|
case CMD_UPDATE:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2014-05-06 18:12:18 +02:00
|
|
|
errmsg("cannot update column \"%s\" of view \"%s\"",
|
|
|
|
|
non_updatable_col,
|
|
|
|
|
RelationGetRelationName(view)),
|
|
|
|
|
errdetail_internal("%s", _(auto_update_detail))));
|
2013-10-18 16:35:36 +02:00
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
elog(ERROR, "unrecognized CmdType: %d",
|
|
|
|
|
(int) parsetree->commandType);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/* Locate RTE describing the view in the outer query */
|
|
|
|
|
view_rte = rt_fetch(parsetree->resultRelation, parsetree->rtable);
|
|
|
|
|
|
|
|
|
|
/*
|
2013-10-18 16:35:36 +02:00
|
|
|
* If we get here, view_query_is_auto_updatable() has verified that the
|
|
|
|
|
* view contains a single base relation.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
Assert(list_length(viewquery->jointree->fromlist) == 1);
|
2017-02-21 17:33:07 +01:00
|
|
|
rtr = castNode(RangeTblRef, linitial(viewquery->jointree->fromlist));
|
2012-12-09 00:25:48 +01:00
|
|
|
|
|
|
|
|
base_rt_index = rtr->rtindex;
|
|
|
|
|
base_rte = rt_fetch(base_rt_index, viewquery->rtable);
|
|
|
|
|
Assert(base_rte->rtekind == RTE_RELATION);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Up to now, the base relation hasn't been touched at all in our query.
|
|
|
|
|
* We need to acquire lock on it before we try to do anything with it.
|
|
|
|
|
* (The subsequent recursive call of RewriteQuery will suppose that we
|
|
|
|
|
* already have the right lock!) Since it will become the query target
|
|
|
|
|
* relation, RowExclusiveLock is always the right thing.
|
|
|
|
|
*/
|
|
|
|
|
base_rel = heap_open(base_rte->relid, RowExclusiveLock);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* While we have the relation open, update the RTE's relkind, just in case
|
|
|
|
|
* it changed since this view was made (cf. AcquireRewriteLocks).
|
|
|
|
|
*/
|
|
|
|
|
base_rte->relkind = base_rel->rd_rel->relkind;
|
|
|
|
|
|
|
|
|
|
heap_close(base_rel, NoLock);
|
|
|
|
|
|
2015-09-08 23:02:49 +02:00
|
|
|
/*
|
|
|
|
|
* If the view query contains any sublink subqueries then we need to also
|
|
|
|
|
* acquire locks on any relations they refer to. We know that there won't
|
|
|
|
|
* be any subqueries in the range table or CTEs, so we can skip those, as
|
|
|
|
|
* in AcquireRewriteLocks.
|
|
|
|
|
*/
|
|
|
|
|
if (viewquery->hasSubLinks)
|
|
|
|
|
{
|
|
|
|
|
acquireLocksOnSubLinks_context context;
|
|
|
|
|
|
|
|
|
|
context.for_execute = true;
|
|
|
|
|
query_tree_walker(viewquery, acquireLocksOnSubLinks, &context,
|
|
|
|
|
QTW_IGNORE_RC_SUBQUERIES);
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
|
|
|
|
* Create a new target RTE describing the base relation, and add it to the
|
|
|
|
|
* outer query's rangetable. (What's happening in the next few steps is
|
|
|
|
|
* very much like what the planner would do to "pull up" the view into the
|
|
|
|
|
* outer query. Perhaps someday we should refactor things enough so that
|
|
|
|
|
* we can share code with the planner.)
|
|
|
|
|
*/
|
2015-12-21 16:34:14 +01:00
|
|
|
new_rte = (RangeTblEntry *) base_rte;
|
2012-12-09 00:25:48 +01:00
|
|
|
parsetree->rtable = lappend(parsetree->rtable, new_rte);
|
|
|
|
|
new_rt_index = list_length(parsetree->rtable);
|
|
|
|
|
|
2013-07-03 18:26:19 +02:00
|
|
|
/*
|
|
|
|
|
* INSERTs never inherit. For UPDATE/DELETE, we use the view query's
|
|
|
|
|
* inheritance flag for the base relation.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType == CMD_INSERT)
|
|
|
|
|
new_rte->inh = false;
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
2015-12-21 16:34:14 +01:00
|
|
|
* Adjust the view's targetlist Vars to reference the new target RTE, ie
|
|
|
|
|
* make their varnos be new_rt_index instead of base_rt_index. There can
|
|
|
|
|
* be no Vars for other rels in the tlist, so this is sufficient to pull
|
|
|
|
|
* up the tlist expressions for use in the outer query. The tlist will
|
|
|
|
|
* provide the replacement expressions used by ReplaceVarsFromTargetList
|
|
|
|
|
* below.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
2015-12-21 16:34:14 +01:00
|
|
|
view_targetlist = viewquery->targetList;
|
2012-12-09 00:25:48 +01:00
|
|
|
|
|
|
|
|
ChangeVarNodes((Node *) view_targetlist,
|
|
|
|
|
base_rt_index,
|
|
|
|
|
new_rt_index,
|
|
|
|
|
0);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Mark the new target RTE for the permissions checks that we want to
|
|
|
|
|
* enforce against the view owner, as distinct from the query caller. At
|
|
|
|
|
* the relation level, require the same INSERT/UPDATE/DELETE permissions
|
|
|
|
|
* that the query caller needs against the view. We drop the ACL_SELECT
|
|
|
|
|
* bit that is presumably in new_rte->requiredPerms initially.
|
|
|
|
|
*
|
|
|
|
|
* Note: the original view RTE remains in the query's rangetable list.
|
|
|
|
|
* Although it will be unused in the query plan, we need it there so that
|
|
|
|
|
* the executor still performs appropriate permissions checks for the
|
|
|
|
|
* query caller's use of the view.
|
|
|
|
|
*/
|
|
|
|
|
new_rte->checkAsUser = view->rd_rel->relowner;
|
|
|
|
|
new_rte->requiredPerms = view_rte->requiredPerms;
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Now for the per-column permissions bits.
|
|
|
|
|
*
|
|
|
|
|
* Initially, new_rte contains selectedCols permission check bits for all
|
|
|
|
|
* base-rel columns referenced by the view, but since the view is a SELECT
|
2015-05-08 00:20:46 +02:00
|
|
|
* query its insertedCols/updatedCols is empty. We set insertedCols and
|
|
|
|
|
* updatedCols to include all the columns the outer query is trying to
|
|
|
|
|
* modify, adjusting the column numbers as needed. But we leave
|
|
|
|
|
* selectedCols as-is, so the view owner must have read permission for all
|
|
|
|
|
* columns used in the view definition, even if some of them are not read
|
|
|
|
|
* by the outer query. We could try to limit selectedCols to only columns
|
|
|
|
|
* used in the transformed query, but that does not correspond to what
|
|
|
|
|
* happens in ordinary SELECT usage of a view: all referenced columns must
|
|
|
|
|
* have read permission, even if optimization finds that some of them can
|
|
|
|
|
* be discarded during query transformation. The flattening we're doing
|
2015-05-24 03:35:49 +02:00
|
|
|
* here is an optional optimization, too. (If you are unpersuaded and
|
|
|
|
|
* want to change this, note that applying adjust_view_column_set to
|
2015-05-08 00:20:46 +02:00
|
|
|
* view_rte->selectedCols is clearly *not* the right answer, since that
|
|
|
|
|
* neglects base-rel columns used in the view's WHERE quals.)
|
2012-12-09 00:25:48 +01:00
|
|
|
*
|
|
|
|
|
* This step needs the modified view targetlist, so we have to do things
|
|
|
|
|
* in this order.
|
|
|
|
|
*/
|
2015-05-08 00:20:46 +02:00
|
|
|
Assert(bms_is_empty(new_rte->insertedCols) &&
|
|
|
|
|
bms_is_empty(new_rte->updatedCols));
|
|
|
|
|
|
|
|
|
|
new_rte->insertedCols = adjust_view_column_set(view_rte->insertedCols,
|
2012-12-09 00:25:48 +01:00
|
|
|
view_targetlist);
|
|
|
|
|
|
2015-05-08 00:20:46 +02:00
|
|
|
new_rte->updatedCols = adjust_view_column_set(view_rte->updatedCols,
|
|
|
|
|
view_targetlist);
|
|
|
|
|
|
2014-04-13 03:04:58 +02:00
|
|
|
/*
|
|
|
|
|
* Move any security barrier quals from the view RTE onto the new target
|
2014-05-06 18:12:18 +02:00
|
|
|
* RTE. Any such quals should now apply to the new target RTE and will
|
|
|
|
|
* not reference the original view RTE in the rewritten query.
|
2014-04-13 03:04:58 +02:00
|
|
|
*/
|
|
|
|
|
new_rte->securityQuals = view_rte->securityQuals;
|
|
|
|
|
view_rte->securityQuals = NIL;
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
|
|
|
|
* For UPDATE/DELETE, rewriteTargetListUD will have added a wholerow junk
|
|
|
|
|
* TLE for the view to the end of the targetlist, which we no longer need.
|
|
|
|
|
* Remove it to avoid unnecessary work when we process the targetlist.
|
|
|
|
|
* Note that when we recurse through rewriteQuery a new junk TLE will be
|
|
|
|
|
* added to allow the executor to find the proper row in the new target
|
|
|
|
|
* relation. (So, if we failed to do this, we might have multiple junk
|
|
|
|
|
* TLEs with the same name, which would be disastrous.)
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType != CMD_INSERT)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) llast(parsetree->targetList);
|
|
|
|
|
|
|
|
|
|
Assert(tle->resjunk);
|
|
|
|
|
Assert(IsA(tle->expr, Var) &&
|
|
|
|
|
((Var *) tle->expr)->varno == parsetree->resultRelation &&
|
|
|
|
|
((Var *) tle->expr)->varattno == 0);
|
|
|
|
|
parsetree->targetList = list_delete_ptr(parsetree->targetList, tle);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Now update all Vars in the outer query that reference the view to
|
|
|
|
|
* reference the appropriate column of the base relation instead.
|
|
|
|
|
*/
|
|
|
|
|
parsetree = (Query *)
|
|
|
|
|
ReplaceVarsFromTargetList((Node *) parsetree,
|
|
|
|
|
parsetree->resultRelation,
|
|
|
|
|
0,
|
|
|
|
|
view_rte,
|
|
|
|
|
view_targetlist,
|
|
|
|
|
REPLACEVARS_REPORT_ERROR,
|
|
|
|
|
0,
|
|
|
|
|
&parsetree->hasSubLinks);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Update all other RTI references in the query that point to the view
|
|
|
|
|
* (for example, parsetree->resultRelation itself) to point to the new
|
|
|
|
|
* base relation instead. Vars will not be affected since none of them
|
|
|
|
|
* reference parsetree->resultRelation any longer.
|
|
|
|
|
*/
|
|
|
|
|
ChangeVarNodes((Node *) parsetree,
|
|
|
|
|
parsetree->resultRelation,
|
|
|
|
|
new_rt_index,
|
|
|
|
|
0);
|
|
|
|
|
Assert(parsetree->resultRelation == new_rt_index);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For INSERT/UPDATE we must also update resnos in the targetlist to refer
|
|
|
|
|
* to columns of the base relation, since those indicate the target
|
|
|
|
|
* columns to be affected.
|
|
|
|
|
*
|
|
|
|
|
* Note that this destroys the resno ordering of the targetlist, but that
|
|
|
|
|
* will be fixed when we recurse through rewriteQuery, which will invoke
|
|
|
|
|
* rewriteTargetListIU again on the updated targetlist.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType != CMD_DELETE)
|
|
|
|
|
{
|
|
|
|
|
foreach(lc, parsetree->targetList)
|
|
|
|
|
{
|
|
|
|
|
TargetEntry *tle = (TargetEntry *) lfirst(lc);
|
|
|
|
|
TargetEntry *view_tle;
|
|
|
|
|
|
|
|
|
|
if (tle->resjunk)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
view_tle = get_tle_by_resno(view_targetlist, tle->resno);
|
|
|
|
|
if (view_tle != NULL && !view_tle->resjunk && IsA(view_tle->expr, Var))
|
|
|
|
|
tle->resno = ((Var *) view_tle->expr)->varattno;
|
|
|
|
|
else
|
|
|
|
|
elog(ERROR, "attribute number %d not found in view targetlist",
|
|
|
|
|
tle->resno);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* For UPDATE/DELETE, pull up any WHERE quals from the view. We know that
|
|
|
|
|
* any Vars in the quals must reference the one base relation, so we need
|
|
|
|
|
* only adjust their varnos to reference the new target (just the same as
|
|
|
|
|
* we did with the view targetlist).
|
|
|
|
|
*
|
2016-11-10 22:16:33 +01:00
|
|
|
* If it's a security-barrier view, its WHERE quals must be applied before
|
|
|
|
|
* quals from the outer query, so we attach them to the RTE as security
|
|
|
|
|
* barrier quals rather than adding them to the main WHERE clause.
|
2014-04-13 03:04:58 +02:00
|
|
|
*
|
2013-07-18 23:10:16 +02:00
|
|
|
* For INSERT, the view's quals can be ignored in the main query.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType != CMD_INSERT &&
|
|
|
|
|
viewquery->jointree->quals != NULL)
|
|
|
|
|
{
|
2015-12-21 16:34:14 +01:00
|
|
|
Node *viewqual = (Node *) viewquery->jointree->quals;
|
2012-12-09 00:25:48 +01:00
|
|
|
|
2015-12-29 22:45:47 +01:00
|
|
|
/*
|
|
|
|
|
* Even though we copied viewquery already at the top of this
|
|
|
|
|
* function, we must duplicate the viewqual again here, because we may
|
|
|
|
|
* need to use the quals again below for a WithCheckOption clause.
|
|
|
|
|
*/
|
|
|
|
|
viewqual = copyObject(viewqual);
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
ChangeVarNodes(viewqual, base_rt_index, new_rt_index, 0);
|
2014-04-13 03:04:58 +02:00
|
|
|
|
|
|
|
|
if (RelationIsSecurityView(view))
|
|
|
|
|
{
|
|
|
|
|
/*
|
2016-11-10 22:16:33 +01:00
|
|
|
* The view's quals go in front of existing barrier quals: those
|
|
|
|
|
* would have come from an outer level of security-barrier view,
|
|
|
|
|
* and so must get evaluated later.
|
|
|
|
|
*
|
2014-04-13 03:04:58 +02:00
|
|
|
* Note: the parsetree has been mutated, so the new_rte pointer is
|
|
|
|
|
* stale and needs to be re-computed.
|
|
|
|
|
*/
|
|
|
|
|
new_rte = rt_fetch(new_rt_index, parsetree->rtable);
|
|
|
|
|
new_rte->securityQuals = lcons(viewqual, new_rte->securityQuals);
|
|
|
|
|
|
2016-11-10 22:16:33 +01:00
|
|
|
/*
|
|
|
|
|
* Do not set parsetree->hasRowSecurity, because these aren't RLS
|
|
|
|
|
* conditions (they aren't affected by enabling/disabling RLS).
|
|
|
|
|
*/
|
|
|
|
|
|
2014-04-13 03:04:58 +02:00
|
|
|
/*
|
|
|
|
|
* Make sure that the query is marked correctly if the added qual
|
|
|
|
|
* has sublinks.
|
|
|
|
|
*/
|
|
|
|
|
if (!parsetree->hasSubLinks)
|
|
|
|
|
parsetree->hasSubLinks = checkExprHasSubLink(viewqual);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
AddQual(parsetree, (Node *) viewqual);
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
|
|
|
|
|
2013-07-18 23:10:16 +02:00
|
|
|
/*
|
|
|
|
|
* For INSERT/UPDATE, if the view has the WITH CHECK OPTION, or any parent
|
|
|
|
|
* view specified WITH CASCADED CHECK OPTION, add the quals from the view
|
|
|
|
|
* to the query's withCheckOptions list.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType != CMD_DELETE)
|
|
|
|
|
{
|
|
|
|
|
bool has_wco = RelationHasCheckOption(view);
|
|
|
|
|
bool cascaded = RelationHasCascadedCheckOption(view);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If the parent view has a cascaded check option, treat this view as
|
|
|
|
|
* if it also had a cascaded check option.
|
|
|
|
|
*
|
2014-05-06 18:12:18 +02:00
|
|
|
* New WithCheckOptions are added to the start of the list, so if
|
|
|
|
|
* there is a cascaded check option, it will be the first item in the
|
|
|
|
|
* list.
|
2013-07-18 23:10:16 +02:00
|
|
|
*/
|
|
|
|
|
if (parsetree->withCheckOptions != NIL)
|
|
|
|
|
{
|
|
|
|
|
WithCheckOption *parent_wco =
|
2014-05-06 18:12:18 +02:00
|
|
|
(WithCheckOption *) linitial(parsetree->withCheckOptions);
|
2013-07-18 23:10:16 +02:00
|
|
|
|
|
|
|
|
if (parent_wco->cascaded)
|
|
|
|
|
{
|
|
|
|
|
has_wco = true;
|
|
|
|
|
cascaded = true;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Add the new WithCheckOption to the start of the list, so that
|
|
|
|
|
* checks on inner views are run before checks on outer views, as
|
|
|
|
|
* required by the SQL standard.
|
|
|
|
|
*
|
|
|
|
|
* If the new check is CASCADED, we need to add it even if this view
|
|
|
|
|
* has no quals, since there may be quals on child views. A LOCAL
|
|
|
|
|
* check can be omitted if this view has no quals.
|
|
|
|
|
*/
|
|
|
|
|
if (has_wco && (cascaded || viewquery->jointree->quals != NULL))
|
|
|
|
|
{
|
|
|
|
|
WithCheckOption *wco;
|
|
|
|
|
|
|
|
|
|
wco = makeNode(WithCheckOption);
|
2015-04-25 02:34:26 +02:00
|
|
|
wco->kind = WCO_VIEW_CHECK;
|
|
|
|
|
wco->relname = pstrdup(RelationGetRelationName(view));
|
2015-09-15 21:49:31 +02:00
|
|
|
wco->polname = NULL;
|
2013-07-18 23:10:16 +02:00
|
|
|
wco->qual = NULL;
|
|
|
|
|
wco->cascaded = cascaded;
|
|
|
|
|
|
|
|
|
|
parsetree->withCheckOptions = lcons(wco,
|
|
|
|
|
parsetree->withCheckOptions);
|
|
|
|
|
|
|
|
|
|
if (viewquery->jointree->quals != NULL)
|
|
|
|
|
{
|
2015-12-21 16:34:14 +01:00
|
|
|
wco->qual = (Node *) viewquery->jointree->quals;
|
2013-07-18 23:10:16 +02:00
|
|
|
ChangeVarNodes(wco->qual, base_rt_index, new_rt_index, 0);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Make sure that the query is marked correctly if the added
|
|
|
|
|
* qual has sublinks. We can skip this check if the query is
|
|
|
|
|
* already marked, or if the command is an UPDATE, in which
|
2014-04-13 03:04:58 +02:00
|
|
|
* case the same qual will have already been added, and this
|
|
|
|
|
* check will already have been done.
|
2013-07-18 23:10:16 +02:00
|
|
|
*/
|
|
|
|
|
if (!parsetree->hasSubLinks &&
|
|
|
|
|
parsetree->commandType != CMD_UPDATE)
|
|
|
|
|
parsetree->hasSubLinks = checkExprHasSubLink(wco->qual);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
return parsetree;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2002-10-19 21:00:47 +02:00
|
|
|
/*
|
2003-02-26 00:47:43 +01:00
|
|
|
* RewriteQuery -
|
|
|
|
|
* rewrites the query and apply the rules again on the queries rewritten
|
2002-10-19 21:00:47 +02:00
|
|
|
*
|
2003-02-26 00:47:43 +01:00
|
|
|
* rewrite_events is a list of open query-rewrite actions, so we can detect
|
|
|
|
|
* infinite recursion.
|
2002-10-19 21:00:47 +02:00
|
|
|
*/
|
1997-09-08 04:41:22 +02:00
|
|
|
static List *
|
2003-02-26 00:47:43 +01:00
|
|
|
RewriteQuery(Query *parsetree, List *rewrite_events)
|
1996-07-09 08:22:35 +02:00
|
|
|
{
|
2003-02-26 00:47:43 +01:00
|
|
|
CmdType event = parsetree->commandType;
|
|
|
|
|
bool instead = false;
|
2006-09-02 19:06:52 +02:00
|
|
|
bool returning = false;
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
bool updatableview = false;
|
2003-02-26 00:47:43 +01:00
|
|
|
Query *qual_product = NULL;
|
|
|
|
|
List *rewritten = NIL;
|
2011-02-26 00:56:23 +01:00
|
|
|
ListCell *lc1;
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2011-06-07 06:08:31 +02:00
|
|
|
/*
|
|
|
|
|
* First, recursively process any insert/update/delete statements in WITH
|
|
|
|
|
* clauses. (We have to do this first because the WITH clauses may get
|
|
|
|
|
* copied into rule actions below.)
|
|
|
|
|
*/
|
|
|
|
|
foreach(lc1, parsetree->cteList)
|
|
|
|
|
{
|
|
|
|
|
CommonTableExpr *cte = (CommonTableExpr *) lfirst(lc1);
|
2017-02-21 17:33:07 +01:00
|
|
|
Query *ctequery = castNode(Query, cte->ctequery);
|
2011-06-07 06:08:31 +02:00
|
|
|
List *newstuff;
|
|
|
|
|
|
|
|
|
|
if (ctequery->commandType == CMD_SELECT)
|
|
|
|
|
continue;
|
|
|
|
|
|
|
|
|
|
newstuff = RewriteQuery(ctequery, rewrite_events);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Currently we can only handle unconditional, single-statement DO
|
|
|
|
|
* INSTEAD rules correctly; we have to get exactly one Query out of
|
|
|
|
|
* the rewrite operation to stuff back into the CTE node.
|
|
|
|
|
*/
|
|
|
|
|
if (list_length(newstuff) == 1)
|
|
|
|
|
{
|
|
|
|
|
/* Push the single Query back into the CTE node */
|
2017-02-21 17:33:07 +01:00
|
|
|
ctequery = castNode(Query, linitial(newstuff));
|
2011-06-07 06:08:31 +02:00
|
|
|
/* WITH queries should never be canSetTag */
|
|
|
|
|
Assert(!ctequery->canSetTag);
|
|
|
|
|
cte->ctequery = (Node *) ctequery;
|
|
|
|
|
}
|
|
|
|
|
else if (newstuff == NIL)
|
|
|
|
|
{
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("DO INSTEAD NOTHING rules are not supported for data-modifying statements in WITH")));
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
ListCell *lc2;
|
|
|
|
|
|
|
|
|
|
/* examine queries to determine which error message to issue */
|
|
|
|
|
foreach(lc2, newstuff)
|
|
|
|
|
{
|
|
|
|
|
Query *q = (Query *) lfirst(lc2);
|
|
|
|
|
|
|
|
|
|
if (q->querySource == QSRC_QUAL_INSTEAD_RULE)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("conditional DO INSTEAD rules are not supported for data-modifying statements in WITH")));
|
|
|
|
|
if (q->querySource == QSRC_NON_INSTEAD_RULE)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("DO ALSO rules are not supported for data-modifying statements in WITH")));
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("multi-statement DO INSTEAD rules are not supported for data-modifying statements in WITH")));
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
/*
|
2010-10-10 19:43:33 +02:00
|
|
|
* If the statement is an insert, update, or delete, adjust its targetlist
|
|
|
|
|
* as needed, and then fire INSERT/UPDATE/DELETE rules on it.
|
2003-02-26 00:47:43 +01:00
|
|
|
*
|
2005-10-15 04:49:52 +02:00
|
|
|
* SELECT rules are handled later when we have all the queries that should
|
|
|
|
|
* get executed. Also, utilities aren't rewritten at all (do we still
|
|
|
|
|
* need that check?)
|
2002-04-05 07:47:05 +02:00
|
|
|
*/
|
2003-02-26 00:47:43 +01:00
|
|
|
if (event != CMD_SELECT && event != CMD_UTILITY)
|
|
|
|
|
{
|
|
|
|
|
int result_relation;
|
|
|
|
|
RangeTblEntry *rt_entry;
|
|
|
|
|
Relation rt_entry_relation;
|
|
|
|
|
List *locks;
|
2012-12-09 00:25:48 +01:00
|
|
|
List *product_queries;
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
bool hasUpdate = false;
|
2002-04-05 07:47:05 +02:00
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
result_relation = parsetree->resultRelation;
|
|
|
|
|
Assert(result_relation != 0);
|
|
|
|
|
rt_entry = rt_fetch(result_relation, parsetree->rtable);
|
|
|
|
|
Assert(rt_entry->rtekind == RTE_RELATION);
|
1998-08-18 02:49:04 +02:00
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
/*
|
2005-06-04 01:05:30 +02:00
|
|
|
* We can use NoLock here since either the parser or
|
|
|
|
|
* AcquireRewriteLocks should have locked the rel already.
|
2003-02-26 00:47:43 +01:00
|
|
|
*/
|
2005-06-04 01:05:30 +02:00
|
|
|
rt_entry_relation = heap_open(rt_entry->relid, NoLock);
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
/*
|
2010-10-10 19:43:33 +02:00
|
|
|
* Rewrite the targetlist as needed for the command type.
|
2003-02-26 00:47:43 +01:00
|
|
|
*/
|
2010-10-10 19:43:33 +02:00
|
|
|
if (event == CMD_INSERT)
|
2006-08-02 03:59:48 +02:00
|
|
|
{
|
|
|
|
|
RangeTblEntry *values_rte = NULL;
|
|
|
|
|
|
|
|
|
|
/*
|
2006-10-04 02:30:14 +02:00
|
|
|
* If it's an INSERT ... VALUES (...), (...), ... there will be a
|
|
|
|
|
* single RTE for the VALUES targetlists.
|
2006-08-02 03:59:48 +02:00
|
|
|
*/
|
|
|
|
|
if (list_length(parsetree->jointree->fromlist) == 1)
|
|
|
|
|
{
|
|
|
|
|
RangeTblRef *rtr = (RangeTblRef *) linitial(parsetree->jointree->fromlist);
|
|
|
|
|
|
|
|
|
|
if (IsA(rtr, RangeTblRef))
|
|
|
|
|
{
|
|
|
|
|
RangeTblEntry *rte = rt_fetch(rtr->rtindex,
|
|
|
|
|
parsetree->rtable);
|
|
|
|
|
|
|
|
|
|
if (rte->rtekind == RTE_VALUES)
|
|
|
|
|
values_rte = rte;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (values_rte)
|
|
|
|
|
{
|
2006-10-04 02:30:14 +02:00
|
|
|
List *attrnos;
|
2006-08-02 03:59:48 +02:00
|
|
|
|
|
|
|
|
/* Process the main targetlist ... */
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
parsetree->targetList = rewriteTargetListIU(parsetree->targetList,
|
2015-05-24 03:35:49 +02:00
|
|
|
parsetree->commandType,
|
2017-04-06 14:33:16 +02:00
|
|
|
parsetree->override,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
rt_entry_relation,
|
2015-05-24 03:35:49 +02:00
|
|
|
parsetree->resultRelation,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
&attrnos);
|
2006-08-02 03:59:48 +02:00
|
|
|
/* ... and the VALUES expression lists */
|
|
|
|
|
rewriteValuesRTE(values_rte, rt_entry_relation, attrnos);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
/* Process just the main targetlist */
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
parsetree->targetList =
|
|
|
|
|
rewriteTargetListIU(parsetree->targetList,
|
|
|
|
|
parsetree->commandType,
|
2017-04-06 14:33:16 +02:00
|
|
|
parsetree->override,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
rt_entry_relation,
|
|
|
|
|
parsetree->resultRelation, NULL);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (parsetree->onConflict &&
|
|
|
|
|
parsetree->onConflict->action == ONCONFLICT_UPDATE)
|
|
|
|
|
{
|
|
|
|
|
parsetree->onConflict->onConflictSet =
|
|
|
|
|
rewriteTargetListIU(parsetree->onConflict->onConflictSet,
|
|
|
|
|
CMD_UPDATE,
|
2017-04-06 14:33:16 +02:00
|
|
|
parsetree->override,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
rt_entry_relation,
|
|
|
|
|
parsetree->resultRelation,
|
|
|
|
|
NULL);
|
2006-08-02 03:59:48 +02:00
|
|
|
}
|
|
|
|
|
}
|
2010-10-10 19:43:33 +02:00
|
|
|
else if (event == CMD_UPDATE)
|
|
|
|
|
{
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
parsetree->targetList =
|
|
|
|
|
rewriteTargetListIU(parsetree->targetList,
|
2017-04-06 14:33:16 +02:00
|
|
|
parsetree->commandType,
|
|
|
|
|
parsetree->override,
|
|
|
|
|
rt_entry_relation,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
parsetree->resultRelation, NULL);
|
2010-10-19 21:08:37 +02:00
|
|
|
rewriteTargetListUD(parsetree, rt_entry, rt_entry_relation);
|
2010-10-10 19:43:33 +02:00
|
|
|
}
|
|
|
|
|
else if (event == CMD_DELETE)
|
|
|
|
|
{
|
2010-10-19 21:08:37 +02:00
|
|
|
rewriteTargetListUD(parsetree, rt_entry, rt_entry_relation);
|
2010-10-10 19:43:33 +02:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
elog(ERROR, "unrecognized commandType: %d", (int) event);
|
2000-06-30 09:04:23 +02:00
|
|
|
|
2003-02-26 00:47:43 +01:00
|
|
|
/*
|
|
|
|
|
* Collect and apply the appropriate rules.
|
|
|
|
|
*/
|
|
|
|
|
locks = matchLocks(event, rt_entry_relation->rd_rules,
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
result_relation, parsetree, &hasUpdate);
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
product_queries = fireRules(parsetree,
|
|
|
|
|
result_relation,
|
|
|
|
|
event,
|
|
|
|
|
locks,
|
|
|
|
|
&instead,
|
|
|
|
|
&returning,
|
|
|
|
|
&qual_product);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* If there were no INSTEAD rules, and the target relation is a view
|
|
|
|
|
* without any INSTEAD OF triggers, see if the view can be
|
|
|
|
|
* automatically updated. If so, we perform the necessary query
|
|
|
|
|
* transformation here and add the resulting query to the
|
|
|
|
|
* product_queries list, so that it gets recursively rewritten if
|
|
|
|
|
* necessary.
|
|
|
|
|
*/
|
|
|
|
|
if (!instead && qual_product == NULL &&
|
|
|
|
|
rt_entry_relation->rd_rel->relkind == RELKIND_VIEW &&
|
|
|
|
|
!view_has_instead_trigger(rt_entry_relation, event))
|
2003-02-26 00:47:43 +01:00
|
|
|
{
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
|
|
|
|
* This throws an error if the view can't be automatically
|
|
|
|
|
* updated, but that's OK since the query would fail at runtime
|
|
|
|
|
* anyway.
|
|
|
|
|
*/
|
|
|
|
|
parsetree = rewriteTargetView(parsetree, rt_entry_relation);
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2012-12-09 00:25:48 +01:00
|
|
|
/*
|
2013-05-29 22:58:43 +02:00
|
|
|
* At this point product_queries contains any DO ALSO rule
|
2014-05-06 18:12:18 +02:00
|
|
|
* actions. Add the rewritten query before or after those. This
|
2013-05-29 22:58:43 +02:00
|
|
|
* must match the handling the original query would have gotten
|
|
|
|
|
* below, if we allowed it to be included again.
|
2012-12-09 00:25:48 +01:00
|
|
|
*/
|
|
|
|
|
if (parsetree->commandType == CMD_INSERT)
|
|
|
|
|
product_queries = lcons(parsetree, product_queries);
|
|
|
|
|
else
|
|
|
|
|
product_queries = lappend(product_queries, parsetree);
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Set the "instead" flag, as if there had been an unqualified
|
|
|
|
|
* INSTEAD, to prevent the original query from being included a
|
|
|
|
|
* second time below. The transformation will have rewritten any
|
|
|
|
|
* RETURNING list, so we can also set "returning" to forestall
|
|
|
|
|
* throwing an error below.
|
|
|
|
|
*/
|
|
|
|
|
instead = true;
|
|
|
|
|
returning = true;
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
updatableview = true;
|
2012-12-09 00:25:48 +01:00
|
|
|
}
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
/*
|
|
|
|
|
* If we got any product queries, recursively rewrite them --- but
|
|
|
|
|
* first check for recursion!
|
|
|
|
|
*/
|
|
|
|
|
if (product_queries != NIL)
|
|
|
|
|
{
|
|
|
|
|
ListCell *n;
|
|
|
|
|
rewrite_event *rev;
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
foreach(n, rewrite_events)
|
|
|
|
|
{
|
|
|
|
|
rev = (rewrite_event *) lfirst(n);
|
|
|
|
|
if (rev->relation == RelationGetRelid(rt_entry_relation) &&
|
|
|
|
|
rev->event == event)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
|
|
|
|
|
errmsg("infinite recursion detected in rules for relation \"%s\"",
|
2005-10-15 04:49:52 +02:00
|
|
|
RelationGetRelationName(rt_entry_relation))));
|
2013-05-29 22:58:43 +02:00
|
|
|
}
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
rev = (rewrite_event *) palloc(sizeof(rewrite_event));
|
|
|
|
|
rev->relation = RelationGetRelid(rt_entry_relation);
|
|
|
|
|
rev->event = event;
|
|
|
|
|
rewrite_events = lcons(rev, rewrite_events);
|
1996-07-09 08:22:35 +02:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
foreach(n, product_queries)
|
|
|
|
|
{
|
|
|
|
|
Query *pt = (Query *) lfirst(n);
|
|
|
|
|
List *newstuff;
|
2004-11-20 18:59:31 +01:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
newstuff = RewriteQuery(pt, rewrite_events);
|
|
|
|
|
rewritten = list_concat(rewritten, newstuff);
|
2003-02-26 00:47:43 +01:00
|
|
|
}
|
1997-09-07 07:04:48 +02:00
|
|
|
|
2013-05-29 22:58:43 +02:00
|
|
|
rewrite_events = list_delete_first(rewrite_events);
|
|
|
|
|
}
|
|
|
|
|
|
2006-09-02 19:06:52 +02:00
|
|
|
/*
|
2006-10-04 02:30:14 +02:00
|
|
|
* If there is an INSTEAD, and the original query has a RETURNING, we
|
|
|
|
|
* have to have found a RETURNING in the rule(s), else fail. (Because
|
|
|
|
|
* DefineQueryRewrite only allows RETURNING in unconditional INSTEAD
|
|
|
|
|
* rules, there's no need to worry whether the substituted RETURNING
|
|
|
|
|
* will actually be executed --- it must be.)
|
2006-09-02 19:06:52 +02:00
|
|
|
*/
|
|
|
|
|
if ((instead || qual_product != NULL) &&
|
|
|
|
|
parsetree->returningList &&
|
|
|
|
|
!returning)
|
|
|
|
|
{
|
|
|
|
|
switch (event)
|
|
|
|
|
{
|
|
|
|
|
case CMD_INSERT:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2007-11-16 00:23:44 +01:00
|
|
|
errmsg("cannot perform INSERT RETURNING on relation \"%s\"",
|
|
|
|
|
RelationGetRelationName(rt_entry_relation)),
|
2006-09-02 19:06:52 +02:00
|
|
|
errhint("You need an unconditional ON INSERT DO INSTEAD rule with a RETURNING clause.")));
|
|
|
|
|
break;
|
|
|
|
|
case CMD_UPDATE:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2007-11-16 00:23:44 +01:00
|
|
|
errmsg("cannot perform UPDATE RETURNING on relation \"%s\"",
|
|
|
|
|
RelationGetRelationName(rt_entry_relation)),
|
2006-09-02 19:06:52 +02:00
|
|
|
errhint("You need an unconditional ON UPDATE DO INSTEAD rule with a RETURNING clause.")));
|
|
|
|
|
break;
|
|
|
|
|
case CMD_DELETE:
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
2007-11-16 00:23:44 +01:00
|
|
|
errmsg("cannot perform DELETE RETURNING on relation \"%s\"",
|
|
|
|
|
RelationGetRelationName(rt_entry_relation)),
|
2006-09-02 19:06:52 +02:00
|
|
|
errhint("You need an unconditional ON DELETE DO INSTEAD rule with a RETURNING clause.")));
|
|
|
|
|
break;
|
|
|
|
|
default:
|
|
|
|
|
elog(ERROR, "unrecognized commandType: %d",
|
|
|
|
|
(int) event);
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
/*
|
|
|
|
|
* Updatable views are supported by ON CONFLICT, so don't prevent that
|
|
|
|
|
* case from proceeding
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->onConflict &&
|
|
|
|
|
(product_queries != NIL || hasUpdate) &&
|
|
|
|
|
!updatableview)
|
2015-05-24 03:35:49 +02:00
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("INSERT with ON CONFLICT clause cannot be used with table that has INSERT or UPDATE rules")));
|
Add support for INSERT ... ON CONFLICT DO NOTHING/UPDATE.
The newly added ON CONFLICT clause allows to specify an alternative to
raising a unique or exclusion constraint violation error when inserting.
ON CONFLICT refers to constraints that can either be specified using a
inference clause (by specifying the columns of a unique constraint) or
by naming a unique or exclusion constraint. DO NOTHING avoids the
constraint violation, without touching the pre-existing row. DO UPDATE
SET ... [WHERE ...] updates the pre-existing tuple, and has access to
both the tuple proposed for insertion and the existing tuple; the
optional WHERE clause can be used to prevent an update from being
executed. The UPDATE SET and WHERE clauses have access to the tuple
proposed for insertion using the "magic" EXCLUDED alias, and to the
pre-existing tuple using the table name or its alias.
This feature is often referred to as upsert.
This is implemented using a new infrastructure called "speculative
insertion". It is an optimistic variant of regular insertion that first
does a pre-check for existing tuples and then attempts an insert. If a
violating tuple was inserted concurrently, the speculatively inserted
tuple is deleted and a new attempt is made. If the pre-check finds a
matching tuple the alternative DO NOTHING or DO UPDATE action is taken.
If the insertion succeeds without detecting a conflict, the tuple is
deemed inserted.
To handle the possible ambiguity between the excluded alias and a table
named excluded, and for convenience with long relation names, INSERT
INTO now can alias its target table.
Bumps catversion as stored rules change.
Author: Peter Geoghegan, with significant contributions from Heikki
Linnakangas and Andres Freund. Testing infrastructure by Jeff Janes.
Reviewed-By: Heikki Linnakangas, Andres Freund, Robert Haas, Simon Riggs,
Dean Rasheed, Stephen Frost and many others.
2015-05-08 05:31:36 +02:00
|
|
|
|
2005-06-04 01:05:30 +02:00
|
|
|
heap_close(rt_entry_relation, NoLock);
|
1997-09-07 07:04:48 +02:00
|
|
|
}
|
1998-08-18 02:49:04 +02:00
|
|
|
|
2001-03-22 07:16:21 +01:00
|
|
|
/*
|
2005-10-15 04:49:52 +02:00
|
|
|
* For INSERTs, the original query is done first; for UPDATE/DELETE, it is
|
|
|
|
|
* done last. This is needed because update and delete rule actions might
|
|
|
|
|
* not do anything if they are invoked after the update or delete is
|
|
|
|
|
* performed. The command counter increment between the query executions
|
|
|
|
|
* makes the deleted (and maybe the updated) tuples disappear so the scans
|
|
|
|
|
* for them in the rule actions cannot find them.
|
2002-10-19 21:00:47 +02:00
|
|
|
*
|
2003-08-04 02:43:34 +02:00
|
|
|
* If we found any unqualified INSTEAD, the original query is not done at
|
|
|
|
|
* all, in any form. Otherwise, we add the modified form if qualified
|
|
|
|
|
* INSTEADs were found, else the unmodified form.
|
1998-08-18 02:49:04 +02:00
|
|
|
*/
|
2002-10-19 21:00:47 +02:00
|
|
|
if (!instead)
|
2001-07-10 01:50:32 +02:00
|
|
|
{
|
2002-10-19 21:00:47 +02:00
|
|
|
if (parsetree->commandType == CMD_INSERT)
|
|
|
|
|
{
|
|
|
|
|
if (qual_product != NULL)
|
|
|
|
|
rewritten = lcons(qual_product, rewritten);
|
|
|
|
|
else
|
|
|
|
|
rewritten = lcons(parsetree, rewritten);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
if (qual_product != NULL)
|
|
|
|
|
rewritten = lappend(rewritten, qual_product);
|
|
|
|
|
else
|
|
|
|
|
rewritten = lappend(rewritten, parsetree);
|
|
|
|
|
}
|
2001-07-10 01:50:32 +02:00
|
|
|
}
|
1998-08-18 02:49:04 +02:00
|
|
|
|
2011-06-07 06:08:31 +02:00
|
|
|
/*
|
|
|
|
|
* If the original query has a CTE list, and we generated more than one
|
2011-06-09 20:32:50 +02:00
|
|
|
* non-utility result query, we have to fail because we'll have copied the
|
|
|
|
|
* CTE list into each result query. That would break the expectation of
|
|
|
|
|
* single evaluation of CTEs. This could possibly be fixed by
|
2011-06-07 06:08:31 +02:00
|
|
|
* restructuring so that a CTE list can be shared across multiple Query
|
|
|
|
|
* and PlannableStatement nodes.
|
|
|
|
|
*/
|
|
|
|
|
if (parsetree->cteList != NIL)
|
|
|
|
|
{
|
2011-06-09 20:32:50 +02:00
|
|
|
int qcount = 0;
|
2011-06-07 06:08:31 +02:00
|
|
|
|
|
|
|
|
foreach(lc1, rewritten)
|
|
|
|
|
{
|
|
|
|
|
Query *q = (Query *) lfirst(lc1);
|
|
|
|
|
|
|
|
|
|
if (q->commandType != CMD_UTILITY)
|
|
|
|
|
qcount++;
|
|
|
|
|
}
|
|
|
|
|
if (qcount > 1)
|
|
|
|
|
ereport(ERROR,
|
|
|
|
|
(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
|
|
|
|
|
errmsg("WITH cannot be used in a query that is rewritten by rules into multiple queries")));
|
|
|
|
|
}
|
|
|
|
|
|
1997-09-07 07:04:48 +02:00
|
|
|
return rewritten;
|
|
|
|
|
}
|
1998-10-02 18:28:04 +02:00
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
2000-10-05 21:11:39 +02:00
|
|
|
* QueryRewrite -
|
|
|
|
|
* Primary entry point to the query rewriter.
|
|
|
|
|
* Rewrite one query via query rewrite system, possibly returning 0
|
|
|
|
|
* or many queries.
|
|
|
|
|
*
|
2005-06-04 01:05:30 +02:00
|
|
|
* NOTE: the parsetree must either have come straight from the parser,
|
|
|
|
|
* or have been scanned by AcquireRewriteLocks to acquire suitable locks.
|
1998-10-02 18:28:04 +02:00
|
|
|
*/
|
2000-10-05 21:11:39 +02:00
|
|
|
List *
|
|
|
|
|
QueryRewrite(Query *parsetree)
|
1998-10-02 18:28:04 +02:00
|
|
|
{
|
2012-03-27 21:14:13 +02:00
|
|
|
uint32 input_query_id = parsetree->queryId;
|
1999-05-25 18:15:34 +02:00
|
|
|
List *querylist;
|
2010-10-10 19:43:33 +02:00
|
|
|
List *results;
|
2004-05-26 06:41:50 +02:00
|
|
|
ListCell *l;
|
2003-05-02 22:54:36 +02:00
|
|
|
CmdType origCmdType;
|
|
|
|
|
bool foundOriginalQuery;
|
|
|
|
|
Query *lastInstead;
|
1998-10-02 18:28:04 +02:00
|
|
|
|
2011-02-26 00:56:23 +01:00
|
|
|
/*
|
|
|
|
|
* This function is only applied to top-level original queries
|
|
|
|
|
*/
|
|
|
|
|
Assert(parsetree->querySource == QSRC_ORIGINAL);
|
|
|
|
|
Assert(parsetree->canSetTag);
|
|
|
|
|
|
1998-10-02 18:28:04 +02:00
|
|
|
/*
|
|
|
|
|
* Step 1
|
|
|
|
|
*
|
|
|
|
|
* Apply all non-SELECT rules possibly getting 0 or many queries
|
|
|
|
|
*/
|
2003-02-26 00:47:43 +01:00
|
|
|
querylist = RewriteQuery(parsetree, NIL);
|
1998-10-02 18:28:04 +02:00
|
|
|
|
|
|
|
|
/*
|
1999-11-01 06:18:31 +01:00
|
|
|
* Step 2
|
1998-10-02 18:28:04 +02:00
|
|
|
*
|
|
|
|
|
* Apply all the RIR rules on each query
|
2012-03-27 21:14:13 +02:00
|
|
|
*
|
|
|
|
|
* This is also a handy place to mark each query with the original queryId
|
1998-10-02 18:28:04 +02:00
|
|
|
*/
|
2010-10-10 19:43:33 +02:00
|
|
|
results = NIL;
|
1999-05-25 18:15:34 +02:00
|
|
|
foreach(l, querylist)
|
|
|
|
|
{
|
2001-03-22 05:01:46 +01:00
|
|
|
Query *query = (Query *) lfirst(l);
|
1999-05-25 18:15:34 +02:00
|
|
|
|
2009-10-28 18:36:50 +01:00
|
|
|
query = fireRIRrules(query, NIL, false);
|
2012-03-27 21:14:13 +02:00
|
|
|
|
|
|
|
|
query->queryId = input_query_id;
|
|
|
|
|
|
2000-10-05 21:11:39 +02:00
|
|
|
results = lappend(results, query);
|
1999-05-25 18:15:34 +02:00
|
|
|
}
|
1999-05-13 09:29:22 +02:00
|
|
|
|
2003-05-02 22:54:36 +02:00
|
|
|
/*
|
|
|
|
|
* Step 3
|
|
|
|
|
*
|
2005-11-22 19:17:34 +01:00
|
|
|
* Determine which, if any, of the resulting queries is supposed to set
|
|
|
|
|
* the command-result tag; and update the canSetTag fields accordingly.
|
2003-05-02 22:54:36 +02:00
|
|
|
*
|
|
|
|
|
* If the original query is still in the list, it sets the command tag.
|
2005-10-15 04:49:52 +02:00
|
|
|
* Otherwise, the last INSTEAD query of the same kind as the original is
|
2014-05-06 18:12:18 +02:00
|
|
|
* allowed to set the tag. (Note these rules can leave us with no query
|
2005-10-15 04:49:52 +02:00
|
|
|
* setting the tag. The tcop code has to cope with this by setting up a
|
|
|
|
|
* default tag based on the original un-rewritten query.)
|
2003-05-02 22:54:36 +02:00
|
|
|
*
|
|
|
|
|
* The Asserts verify that at most one query in the result list is marked
|
2005-10-15 04:49:52 +02:00
|
|
|
* canSetTag. If we aren't checking asserts, we can fall out of the loop
|
|
|
|
|
* as soon as we find the original query.
|
2003-05-02 22:54:36 +02:00
|
|
|
*/
|
|
|
|
|
origCmdType = parsetree->commandType;
|
|
|
|
|
foundOriginalQuery = false;
|
|
|
|
|
lastInstead = NULL;
|
|
|
|
|
|
|
|
|
|
foreach(l, results)
|
|
|
|
|
{
|
|
|
|
|
Query *query = (Query *) lfirst(l);
|
|
|
|
|
|
|
|
|
|
if (query->querySource == QSRC_ORIGINAL)
|
|
|
|
|
{
|
|
|
|
|
Assert(query->canSetTag);
|
|
|
|
|
Assert(!foundOriginalQuery);
|
|
|
|
|
foundOriginalQuery = true;
|
|
|
|
|
#ifndef USE_ASSERT_CHECKING
|
|
|
|
|
break;
|
|
|
|
|
#endif
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
Assert(!query->canSetTag);
|
|
|
|
|
if (query->commandType == origCmdType &&
|
|
|
|
|
(query->querySource == QSRC_INSTEAD_RULE ||
|
|
|
|
|
query->querySource == QSRC_QUAL_INSTEAD_RULE))
|
|
|
|
|
lastInstead = query;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!foundOriginalQuery && lastInstead != NULL)
|
|
|
|
|
lastInstead->canSetTag = true;
|
|
|
|
|
|
2000-10-05 21:11:39 +02:00
|
|
|
return results;
|
Hi!
INTERSECT and EXCEPT is available for postgresql-v6.4!
The patch against v6.4 is included at the end of the current text
(in uuencoded form!)
I also included the text of my Master's Thesis. (a postscript
version). I hope that you find something of it useful and would be
happy if parts of it find their way into the PostgreSQL documentation
project (If so, tell me, then I send the sources of the document!)
The contents of the document are:
-) The first chapter might be of less interest as it gives only an
overview on SQL.
-) The second chapter gives a description on much of PostgreSQL's
features (like user defined types etc. and how to use these features)
-) The third chapter starts with an overview of PostgreSQL's internal
structure with focus on the stages a query has to pass (i.e. parser,
planner/optimizer, executor). Then a detailed description of the
implementation of the Having clause and the Intersect/Except logic is
given.
Originally I worked on v6.3.2 but never found time enough to prepare
and post a patch. Now I applied the changes to v6.4 to get Intersect
and Except working with the new version. Chapter 3 of my documentation
deals with the changes against v6.3.2, so keep that in mind when
comparing the parts of the code printed there with the patched sources
of v6.4.
Here are some remarks on the patch. There are some things that have
still to be done but at the moment I don't have time to do them
myself. (I'm doing my military service at the moment) Sorry for that
:-(
-) I used a rewrite technique for the implementation of the Except/Intersect
logic which rewrites the query to a semantically equivalent query before
it is handed to the rewrite system (for views, rules etc.), planner,
executor etc.
-) In v6.3.2 the types of the attributes of two select statements
connected by the UNION keyword had to match 100%. In v6.4 the types
only need to be familiar (i.e. int and float can be mixed). Since this
feature did not exist when I worked on Intersect/Except it
does not work correctly for Except/Intersect queries WHEN USED IN
COMBINATION WITH UNIONS! (i.e. sometimes the wrong type is used for the
resulting table. This is because until now the types of the attributes of
the first select statement have been used for the resulting table.
When Intersects and/or Excepts are used in combination with Unions it
might happen, that the first select statement of the original query
appears at another position in the query which will be executed. The reason
for this is the technique used for the implementation of
Except/Intersect which does a query rewrite!)
NOTE: It is NOT broken for pure UNION queries and pure INTERSECT/EXCEPT
queries!!!
-) I had to add the field intersect_clause to some data structures
but did not find time to implement printfuncs for the new field.
This does NOT break the debug modes but when an Except/Intersect
is used the query debug output will be the already rewritten query.
-) Massive changes to the grammar rules for SELECT and INSERT statements
have been necessary (see comments in gram.y and documentation for
deatails) in order to be able to use mixed queries like
(SELECT ... UNION (SELECT ... EXCEPT SELECT)) INTERSECT SELECT...;
-) When using UNION/EXCEPT/INTERSECT you will get:
NOTICE: equal: "Don't know if nodes of type xxx are equal".
I did not have time to add comparsion support for all the needed nodes,
but the default behaviour of the function equal met my requirements.
I did not dare to supress this message!
That's the reason why the regression test for union will fail: These
messages are also included in the union.out file!
-) Somebody of you changed the union_planner() function for v6.4
(I copied the targetlist to new_tlist and that was removed and
replaced by a cleanup of the original targetlist). These chnages
violated some having queries executed against views so I changed
it back again. I did not have time to examine the differences between the
two versions but now it works :-)
If you want to find out, try the file queries/view_having.sql on
both versions and compare the results . Two queries won't produce a
correct result with your version.
regards
Stefan
1999-01-18 01:10:17 +01:00
|
|
|
}
|
