Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Allow options to generate certain HTTP methods for a DB view #1824

Merged
merged 11 commits into from
Apr 23, 2021
Merged

fix: Allow options to generate certain HTTP methods for a DB view #1824

merged 11 commits into from
Apr 23, 2021

Conversation

laurenceisla
Copy link
Member

@laurenceisla laurenceisla commented Apr 19, 2021
edited
Loading

WIP. It will resolve issue #1647.

My approach is to check first if the role has the permissions assigned to the DB table/view, only then check if it's insertable, etc.

wolfgangwalther
wolfgangwalther reviewed Apr 20, 2021
View reviewed changes
src/PostgREST/DbStructure.hs Outdated Show resolved Hide resolved
src/PostgREST/DbStructure.hs Outdated Show resolved Hide resolved
src/PostgREST/DbStructure.hs Outdated Show resolved Hide resolved
src/PostgREST/DbStructure.hs Outdated Show resolved Hide resolved
src/PostgREST/DbStructure.hs Outdated Show resolved Hide resolved
@steve-chavez steve-chavez mentioned this pull request Apr 20, 2021
Open
steve-chavez
steve-chavez reviewed Apr 21, 2021
View reviewed changes
src/PostgREST/App.hs Outdated Show resolved Hide resolved
@laurenceisla laurenceisla marked this pull request as ready for review April 22, 2021 23:22
@wolfgangwalther
Copy link
Member

Nice work, I like it! :)

wolfgangwalther
wolfgangwalther reviewed Apr 23, 2021
View reviewed changes
test/Feature/OptionsSpec.hs Outdated Show resolved Hide resolved
test/Feature/OptionsSpec.hs Outdated Show resolved Hide resolved
@steve-chavez
Copy link
Member

steve-chavez commented Apr 23, 2021
edited
Loading

@laurenceisla The Allow header is looking good 👍. However, I think we're missing something. I've just tried this:

http POST localhost:3000/projects_view_with_delete_trigger <<JSON
{"id": 6, "name": "client 6"}
JSON

HTTP/1.1 500 Internal Server Error
Content-Type: application/json; charset=utf-8

{
    "code": "55000",
    "details": "Views containing DISTINCT are not automatically updatable.",
    "hint": "To enable inserting into the view, provide an INSTEAD OF INSERT trigger or an unconditional ON INSERT DO INSTEAD rule.",
    "message": "cannot insert into view \"projects_view_with_delete_trigger\""
}

According to the RFC, we should reply with a 405 Method Not Allowed instead.

If we do this, the client request wouldn't not reach the db. The disadvantage I see is that if users add a INSTEAD OF INSERT trigger, they'll need to refresh our schema cache to make the request succeed.

WDYT? Shall we do this?

Edit:

I was thinking that perhaps we can just catch the 55000(object_not_in_prerequisite_state) error and convert it to a 405 Method Not Allowed, but seems this code is used for other internal errors as well.

@wolfgangwalther
Copy link
Member

According to the RFC, we should reply with a 405 Method Not Allowed instead.

If we do this, the client request wouldn't not reach the db. The disadvantage I see is that if users add a INSTEAD OF INSERT trigger, they'll need to refresh our schema cache to make the request succeed.

WDYT? Shall we do this?

Edit:

I was thinking that perhaps we can just catch the 55000(object_not_in_prerequisite_state) error and convert it to a 405 Method Not Allowed, but seems this code is used for other internal errors as well.

Ah, an easy way out would have been cool. But given that this seems not possible to do, I think this will be out of scope for this PR, as discussed here:

@steve-chavez
Copy link
Member

But given that this seems not possible to do, I think this will be out of scope for this PR, as discussed here

Cool. I do think that anything that makes PostgREST less transparent to the db requires more discussion anyway. So lets leave that for another time.

@steve-chavez steve-chavez merged commit f6b3a5c into PostgREST:main Apr 23, 2021
@laurenceisla laurenceisla deleted the httpview branch April 26, 2021 14:33
@laurenceisla laurenceisla mentioned this pull request Apr 29, 2021
Closed
monacoremo pushed a commit to monacoremo/postgrest that referenced this pull request Jul 17, 2021
@laurenceisla
fix: Make OPTIONS consider view instead of triggers (PostgREST#1824)
5c64699
This was referenced Feb 24, 2024
Closed
Closed
@laurenceisla laurenceisla mentioned this pull request Aug 8, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wolfgangwalther wolfgangwalther wolfgangwalther left review comments

@steve-chavez steve-chavez steve-chavez approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@laurenceisla @wolfgangwalther @steve-chavez