fix(postgres): rewrite executeRead + compat test fixes#48
Open
tamnd wants to merge 4 commits into
Open
Conversation
…mous reads With pgx QueryExecModeCacheDescribe, SendBatch sends Parse messages for ALL batch items before executing any. PostgreSQL parses SELECT as the authenticator role (before SET LOCAL ROLE runs) and rejects with 42501 permission denied, which the HTTP layer maps to 401 for anonymous requests. Fix: open a BeginTx, call applySession (which switches role and sets GUCs), then Query. The SELECT is parsed after the role is already set, so PostgreSQL sees the correct role for permission checks. This is the same sequential pattern already used in executeCallRead. Remove the batchStreamResult / batchStreamRows types that relied on the old SendBatch approach.
Add a lightweight driver registry (backend.Register / backend.Open) so each backend package advertises itself without requiring a switch in main. Each package calls backend.Register in its init() function; cmd/dbrest imports them as blank imports. cmd/dbrest.openBackend shrinks to a three-liner.
…uard findDocs no longer accepts a project parameter since no caller used it. Initialise the rows field on bodyResult at construction so the trailing nil-guard after executeDelete / executeUpdate is unnecessary.
…ersons The to-many embed test (9.1) verifies that a parent row with no matching children returns an empty collection instead of disappearing. Carol (person 3) has no assignments, making her the test case for that path. Without Carol both servers returned identical two-row responses, hiding any LEFT-JOIN regression. resetTestDB now deletes persons with id > 3 (was > 2) so Carol survives between test runs, and the seed comment is updated to reflect 3 persons.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Root cause fix:
executeReadusedpgx.SendBatchwithQueryExecModeCacheDescribe. pgx sends Parse messages for ALL batch items before executing any, so PostgreSQL parsed the SELECT as theauthenticatorrole beforeSET LOCAL ROLEran, returning42501permission denied → HTTP 401 for every anonymous GET.Fix: open a
BeginTx, callapplySession(switches role + sets GUCs), thenQuery. The SELECT is parsed after the role is already set. Same sequential pattern asexecuteCallRead.Backend driver registry: each backend package now calls
backend.Registerin itsinit()function;cmd/dbrestimports them as blank imports. Removes the switch inopenBackend.Mongo cleanup: remove unused
projectparameter fromfindDocs, simplifynilguard inexecuteUpdate/executeDelete.Compat test fixes: add Carol (person 3) to the seed so the to-many embed test covers a parent row with an empty related collection. Update
resetTestDBto preserve all 3 seed persons.Commits
87c2e16747530caea1e9941016a2Test plan
go test ./compat/ -run TestCompatSummaryreports115/115 passedagainst live PostgREST + dbrestgo test ./...passes (existing unit tests)curl http://localhost:3001/todosreturns rows (not 401) with anonymous token