sql: legacy InternalExecutor interface is dangerous; we should migrate away #44223
Labels
A-sql-execution
Relating to SQL execution.
C-cleanup
Tech debt, refactors, loose ends, etc. Solution not expected to significantly change behavior.
C-investigation
Further steps needed to qualify. C-label will change.
T-sql-queries
SQL Queries Team
Historically, the
InternalExecutor
(and the stuff that it replaced before it) had an interface likeInternalExecutor.Query(stmt)
. The respective query would be executed asroot
if no user had been previously configured on the respective executor instance, or as that configured user otherwise. This is dangerous since queries that weren't intending to run asroot
could getroot
silently through programming errors where theirInternalExecutor
isn't set to a user. The reverse situation where something wanted root but starts getting something else is also possible.#44170 introduces a set of new functions -
QueryEx(), ExecEx() etc
that don't have this behavior. They take a user explicitly, and if none is given they fall back to what had been previously set on the executor. If nothing had been previously set, they error out. In other words, they make it explicit if the caller expects to control the user of if it expects to inherit the user.We should migrate everybody to this new world and remove the old interface. #44170 converts a bunch of things, but not everything.
In particular, there's a class of callers with a problem. Everything in the
sem/tree
package (particularly, the SQL builtin functions) can't use the new interface. They use theInternalExecutor
through a subset of the interface:tree.InternalExecutor
. They can't importsql.InternalExecutor
, or evensqlutil.InternalExecutor
(the latter being supposed to be used by people who can't import sql). The new functions can't be made part oftree.InternalExecutor
because they have asqlbase
argument, andsem/tree
can't even depend onsqlbase
...I think the builtins don't belong in the
sem/tree
package; at least not ifsqlbase
depends onsem/tree
.@otan you want it?
cc @knz
Jira issue: CRDB-5244
The text was updated successfully, but these errors were encountered: