Intervening in Parser -> Planner Stage
| От | Arguile |
|---|---|
| Тема | Intervening in Parser -> Planner Stage |
| Дата | |
| Msg-id | LLENKEMIODLDJNHBEFBOCEPNEEAA.arguile@lucentstudios.com обсуждение исходный текст |
| Ответы |
Re: Intervening in Parser -> Planner Stage
Re: Intervening in Parser -> Planner Stage |
| Список | pgsql-hackers |
A few questions on the parser -> planner stage. I'm currently pursuing a line of thought on resource limiting, and I'd like some opinions on whether it's possible/probable. I need to give community access directly to the database, so I need to impose some sane controls. As I can't hold any of that class of users accountable, I need to impose the limits in the software. I'd like to try hooking in right after the parser produces it's tree and modifying limitCount based on a few rules, then handing it back to normal flow. After that I'd also like to hook in before the planner hands the plan to the executor, evaluate estimated cost, and accept/deny the query based on that. I realise cost is just simply a number for comparison, but I'm only looking to cap excessively high costs due to inexperience (lots of cartesians products by accident) or maliscious intent. It would be set based on a refference set of queries run on the individual system. At the same time processes will be monitored (probably using Bruce's tool) at the same time and killing anything that might slip by. The concept (rewriting the query and limiting cost) seems to work well. At current though it's horribly expensive and buggy as I'm rewriting the query using regexeps (no grammar rules), running an explain on it, parsing and evaluating the explain output for cost, then finally running the query. As a related issue I've been hunting about for ways to limit classes of users to certain commands (such as only allow SELECT on a database). I've only begun to play with the debug output but so far it's my understanding that the :command node from the parse tree identifies the operation being performed. Since I plan to be intervening after the parser anyways, I thought it would be opertune to check a permissions table and see if that user/group has permission to run that command class on the database. At the moment I'm just looking for opinions on the attemp and, if it's not an obvious dead end, a few pointers on where to start. This is a learning project (as my C skills are horrid) so any suggestions are appreciated.
В списке pgsql-hackers по дате отправления: