Class: Gitlab::Database::QueryAnalyzers::RestrictAllowedSchemas

Inherits:
Base
  • Object
show all
Defined in:
lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb

Constant Summary collapse

UnsupportedSchemaError = 
Class.new(QueryAnalyzerError)
DDLNotAllowedError = 
Class.new(UnsupportedSchemaError)
DMLNotAllowedError = 
Class.new(UnsupportedSchemaError)
DMLAccessDeniedError = 
Class.new(UnsupportedSchemaError)
SCHEMA_MAPPING =

Re-map schemas observed schemas to a single cluster mode

  • symbol:

    The mapped schema indicates that it contains all data in a single-cluster mode

  • nil:

    Inidicates that changes made to this schema are ignored and always allowed

{
  gitlab_shared: nil,
  gitlab_internal: nil,

  # Cells specific changes
  gitlab_main_clusterwide: :gitlab_main,
  gitlab_main_cell: :gitlab_main,
  gitlab_main_org: :gitlab_main,
  gitlab_main_cell_local: :gitlab_main,
  gitlab_main_jh: :gitlab_main,
  gitlab_ci_cell_local: :gitlab_ci,
  gitlab_main_cell_setting: :gitlab_main,
  gitlab_main_user: :gitlab_main
}.freeze

Constants inherited from Base

Base::QueryAnalyzerError

Class Method Summary collapse

Methods inherited from Base

analyzer_key, begin!, context, context_key, end!, requires_tracking?, skip_cached?, suppress=, suppress_key, suppress_schema_issues_for_decomposed_tables, suppressed?, with_suppressed

Class Method Details

.allowed_gitlab_schemasObject 



37
38
39
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 37

def allowed_gitlab_schemas
  self.context[:allowed_gitlab_schemas]
end

.allowed_gitlab_schemas=(value) ⇒ Object 



41
42
43
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 41

def allowed_gitlab_schemas=(value)
  self.context[:allowed_gitlab_schemas] = value
end

.analyze(parsed) ⇒ Object 



45
46
47
48
49
50
51
52
53
54
55
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 45

def analyze(parsed)
  # This analyzer requires the PgQuery parsed query to be present
  return unless parsed.pg

  # If list of schemas is empty, we allow only DDL changes
  if self.dml_mode?
    self.restrict_to_dml_only(parsed)
  else
    self.restrict_to_ddl_only(parsed)
  end
end

.enabled?Boolean

Returns:

  • (Boolean) 


33
34
35
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 33

def enabled?
  true
end

.require_ddl_mode!(message = "") ⇒ Object 



57
58
59
60
61
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 57

def require_ddl_mode!(message = "")
  return unless self.context

  self.raise_dml_not_allowed_error(message) if self.dml_mode?
end

.require_dml_mode!(message = "") ⇒ Object 



63
64
65
66
67
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 63

def require_dml_mode!(message = "")
  return unless self.context

  self.raise_ddl_not_allowed_error(message) if self.ddl_mode?
end