Class: Gitlab::Database::QueryAnalyzers::RestrictAllowedSchemas

Inherits:
Base
  • Object
show all
Defined in:
lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb

Constant Summary collapse

UnsupportedSchemaError = 
Class.new(QueryAnalyzerError)
DDLNotAllowedError = 
Class.new(UnsupportedSchemaError)
DMLNotAllowedError = 
Class.new(UnsupportedSchemaError)
DMLAccessDeniedError = 
Class.new(UnsupportedSchemaError)
SCHEMA_MAPPING =

Re-map schemas observed schemas to a single cluster mode

  • symbol:

    The mapped schema indicates that it contains all data in a single-cluster mode

  • nil:

    Inidicates that changes made to this schema are ignored and always allowed

{
  gitlab_shared: nil,
  gitlab_internal: nil,

  # Pods specific changes
  gitlab_main_clusterwide: :gitlab_main,
  gitlab_main_cell: :gitlab_main
}.freeze

Constants inherited from Base

Base::QueryAnalyzerError

Class Method Summary collapse

Methods inherited from Base

analyzer_key, begin!, context, context_key, end!, requires_tracking?, suppress=, suppress_key, suppressed?, with_suppressed

Class Method Details

.allowed_gitlab_schemasObject 



31
32
33
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 31

def allowed_gitlab_schemas
  self.context[:allowed_gitlab_schemas]
end

.allowed_gitlab_schemas=(value) ⇒ Object 



35
36
37
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 35

def allowed_gitlab_schemas=(value)
  self.context[:allowed_gitlab_schemas] = value
end

.analyze(parsed) ⇒ Object 



39
40
41
42
43
44
45
46
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 39

def analyze(parsed)
  # If list of schemas is empty, we allow only DDL changes
  if self.dml_mode?
    self.restrict_to_dml_only(parsed)
  else
    self.restrict_to_ddl_only(parsed)
  end
end

.enabled?Boolean

Returns:

  • (Boolean) 


27
28
29
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 27

def enabled?
  true
end

.require_ddl_mode!(message = "") ⇒ Object 



48
49
50
51
52
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 48

def require_ddl_mode!(message = "")
  return unless self.context

  self.raise_dml_not_allowed_error(message) if self.dml_mode?
end

.require_dml_mode!(message = "") ⇒ Object 



54
55
56
57
58
 
# File 'lib/gitlab/database/query_analyzers/restrict_allowed_schemas.rb', line 54

def require_dml_mode!(message = "")
  return unless self.context

  self.raise_ddl_not_allowed_error(message) if self.ddl_mode?
end