From: Vladislav Shpilevoy <v.shpilevoy@tarantool.org> To: Peter Gulutzan <pgulutzan@ocelot.ca>, Mergen Imeev <imeevma@tarantool.org>, Nikita Pettik <korablev@tarantool.org>, kyukhin@tarantool.org, tsafin@tarantool.org, sergos@tarantool.org Cc: tarantool-discussions@dev.tarantool.org Subject: Re: [Tarantool-discussions] SQL built-in functions position Date: Mon, 28 Sep 2020 22:07:49 +0200 [thread overview] Message-ID: <57513bb5-3a4d-0c3c-720e-7e78634ecfe1@tarantool.org> (raw) In-Reply-To: <9a788a90-f558-fc6c-1d28-2813e8b721f8@ocelot.ca> Hi! See my response in another email with 4 big reasons why storage of SQL-specific functions in _func is a bad idea. Also see responses on your comments in separate sections. I leave references below. > The current built-in functions are harmless, except perhaps for RANDOMBLOB with a huge value. > However, in future maybe there will be built-in functions that should require privileges. > In that case, I believe, they will have to be in _func (and someday in _vfunc) > so that grant() will work for them. See "## Built-in functions require privileges?". > I have tried to redirect the UPPER() function in order to violate security, thus: > " > tarantool> function UPPER(x) return x end > --- > ... > tarantool> box.schema.func.create('UPPER') > --- > - error: Function 'UPPER' already exists > ... > tarantool> box.schema.func.drop('UPPER') > --- > - error: 'Can''t drop function 1: function is SQL built-in' > ... > " > This is good behaviour and I think it works because UPPER() is in _func. See "## Built-in functions prevent duplicates in _func?". > I did not document in the manual's SQL section that built-in functions will > be in _func, so removing them is not a regression from documented behaviour. See "## Storage in _func does not change _func schema and documentation?". > But I think users benefit from being able to see them. See "## Users benefit from seeing SQL-specific functions in _func?".
next prev parent reply other threads:[~2020-09-28 20:07 UTC|newest] Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-09-27 15:18 Mergen Imeev 2020-09-27 20:56 ` Peter Gulutzan 2020-09-28 20:07 ` Vladislav Shpilevoy [this message] 2020-09-29 19:22 ` Peter Gulutzan 2020-09-28 18:19 ` Nikita Pettik 2020-09-28 20:07 ` Vladislav Shpilevoy 2020-09-28 20:07 ` Vladislav Shpilevoy 2020-10-01 14:46 ` Kirill Yukhin 2020-10-01 21:15 ` Vladislav Shpilevoy 2020-10-02 15:18 ` Mergen Imeev
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=57513bb5-3a4d-0c3c-720e-7e78634ecfe1@tarantool.org \ --to=v.shpilevoy@tarantool.org \ --cc=imeevma@tarantool.org \ --cc=korablev@tarantool.org \ --cc=kyukhin@tarantool.org \ --cc=pgulutzan@ocelot.ca \ --cc=sergos@tarantool.org \ --cc=tarantool-discussions@dev.tarantool.org \ --cc=tsafin@tarantool.org \ --subject='Re: [Tarantool-discussions] SQL built-in functions position' \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: link
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox