feat: add support for db roles list #1916
Conversation
product-auto-label
bot
added
size: l
|
Warning: This pull request is touching the following templated files:
|
| import com.google.common.base.Preconditions; | ||
| import java.util.Objects; | ||
|
|
||
| /** Represents a restore operation of a Cloud Spanner backup. */ |
| @@ -830,6 +834,12 @@ public Builder setSessionPoolOption(SessionPoolOptions sessionPoolOptions) { | |||
| return this; | |||
| } | |||
|
|
|||
| /** Sets the database role that should be used by this instance. */ | |||
There was a problem hiding this comment.
I think this needs a more elaborate Javadoc on what this means, as most users won't understand this automatically. I would suggest something like:
| /** Sets the database role that should be used by this instance. */ | |
| /** | |
| * Sets the database role that should be used for connections that are created by this instance. | |
| * The database role that is used determines the access permissions that a connection has. This | |
| * can for example be used to create connections that are only permitted to access certain tables. | |
| */ |
| @@ -213,8 +214,8 @@ public String[] getValidValues() { | |||
| public static final String LENIENT_PROPERTY_NAME = "lenient"; | |||
| /** Name of the 'rpcPriority' connection property. */ | |||
| public static final String RPC_PRIORITY_NAME = "rpcPriority"; | |||
| /** Dialect to use for a connection. */ | |||
| private static final String DIALECT_PROPERTY_NAME = "dialect"; | |||
There was a problem hiding this comment.
I agree that we should remove this, as it is no longer needed, BUT:
- We should consider doing so in a separate PR. It is not related to this change.
- We should do it in a non-breaking way. Anyone who currently has
dialect=...in their connection string will get an error after this change. We should therefore silently ignore it if we encounterdialect=...in a connection string.
There was a problem hiding this comment.
Reverted the change to remove Dialect, will be done in another PR
| @@ -959,6 +969,11 @@ public TransportChannelProvider getChannelProvider() { | |||
| } | |||
| } | |||
|
|
|||
| /** The creator role to use for the connection. */ | |||
There was a problem hiding this comment.
I don't think users will understand what 'creator role' means. This seems like an internal name (I (think I) understand that it means the role that is used to create a session, but that is not clear to a user.)
I would suggest: The database role that is used for this connection. Assigning a role to a connection can be used to for example restrict the access of a connection to a specific set of tables.
| @@ -50,6 +50,8 @@ public class RemoteSpannerHelper { | |||
| private final InstanceId instanceId; | |||
| private static final AtomicInteger dbSeq = new AtomicInteger(); | |||
| private static final int dbPrefix = new Random().nextInt(Integer.MAX_VALUE); | |||
| private static int dbRoleSeq; | |||
There was a problem hiding this comment.
Although the probability is low that it goes wrong, it would be better to use an AtomicInteger for this, as our integration tests can run in parallel.
| when(spannerOptions.getSessionLabels()).thenReturn(labels); | ||
| when(spannerOptions.getDatabaseRole()).thenReturn(databaseRole); |
There was a problem hiding this comment.
nit: indentation seems off here
| @@ -143,13 +145,16 @@ public void batchCreateAndCloseSessions() { | |||
| final String sessionName = dbName + "/sessions/s%d"; | |||
| final Map<String, String> labels = new HashMap<>(); | |||
| labels.put("env", "dev"); | |||
| String databaseRole = new String("role"); | |||
There was a problem hiding this comment.
nit: indentation seems to be off here (and also elsewhere in this class). Maybe run code formatter again?
| @@ -76,7 +76,7 @@ public void defaultBuilder() { | |||
| // id. | |||
| SpannerOptions options = SpannerOptions.newBuilder().setProjectId("test-project").build(); | |||
| if (Strings.isNullOrEmpty(System.getenv("SPANNER_EMULATOR_HOST"))) { | |||
| assertThat(options.getHost()).isEqualTo("https://spanner.googleapis.com"); | |||
| assertThat(options.getHost()).isEqualTo("https://staging-wrenchworks.sandbox.googleapis.com/"); | |||
There was a problem hiding this comment.
nit: Remove before merging
No region tags are edited in this PR.This comment is generated by snippet-bot.
|
| @@ -145,7 +145,7 @@ public Page<Operation> listDatabaseOperations() { | |||
|
|
|||
| /** Returns the IAM {@link Policy} for this database. */ | |||
| public Policy getIAMPolicy() { | |||
| return dbClient.getDatabaseIAMPolicy(instance(), database()); | |||
| return dbClient.getDatabaseIAMPolicy(instance(), database(), 1); | |||
There was a problem hiding this comment.
What is the 1 here?
EDIT: Apparently this is a version number. Should we add the version as an argument to the getIAMPolicy method?
| @@ -492,7 +495,7 @@ OperationFuture<Void, UpdateDatabaseDdlMetadata> updateDatabaseDdl( | |||
| Operation getOperation(String name); | |||
|
|
|||
| /** Returns the IAM policy for the given database. */ | |||
| Policy getDatabaseIAMPolicy(String instanceId, String databaseId); | |||
| Policy getDatabaseIAMPolicy(String instanceId, String databaseId, int version); | |||
There was a problem hiding this comment.
The version argument needs some Javadoc. What does it do and when/why should I use it?
rahul2393
added
the
owlbot:run
gcf-owl-bot
bot
removed
the
owlbot:run
Old PR: #1807