Re: Named / preparsed / preplaned(prepared) queries - Feature proposal - Mailing list pgsql-general

Hi,

Dne 6.11.2011 15:07, NTPT napsal(a):
> Hi all
>
> I have an idea how to extend postgresql feature set.
>
>
> I sugest named / preparsed / preplamned query  mechanizm where named
> query is a simpliest form and preplaned query is the most
> sofisticated (implementation wise). Ie to have ability to  assign a
> global and may be persistant NAME (or alias) for some query for some
> user. Similar how PREPARE related stuff does, but AFAIK, prepared
> statement are limited for the current user on current connection
> only.
>
> with syntax like this:
>
> NAMEDQUERY "select foo from bar where blah=$1" AS "myquery"
> [PREPARSED | PREPLANED  REPLAN EVERY condition] [PERSISTENT] [FINAL]
> [FOR USER user1,user2]
>
> And then  modify user privileges to add privileges to create a
> NAMEDQUERY, to create it for others -  typicaly  useful for database
> administrator and the  privilege of executing NAMED QUERY ONLY for
> some user - for example guest.

Are you aware of SQL functions? It seems to me it's almost exactly what
you're describing. See this:

  http://www.postgresql.org/docs/current/static/xfunc-sql.html

You can grant privileges on them, it survives server restart, it
provides the decoupling etc. Plus there are other languages (PL/pgSQL)
that may be handy in some cases.

> PERSISTANT tell the server that this named query should survive
> server restart.
>
> FINAL: if Administrator set a named query as FINAL, no other user is
> able to override it.
>
> PREPARSED: Rationale behind PREPARSED queries is that in most
> scenarios on web applications there is a simple not complicated
> select of data often in heap or memory or in the in memory index
> where actually fetching that data is faster then parsing a query
> string. So I thing a global cache of preparsed  NAMEDQUERY statements
> is a good idea and on some loads can boost performance
> significantly.
>
> PREPLANED: same as the preparsed, but the query plan is cached too.
> So in frequent simple queries (like common in ajax/comet applications
> where it ofen do some simple select to query a status of session
> etc), I thing it can remove significant burden (parsing and planning
> a query) from CPU .
>
> yes, I know that a query plan that is superior  now, could be
> inferior few minutes later. So I suggest a  REPLAN EVERY condition,
> where condition can be whatever user like - time interval,   changed
> N percent of tuples etc etc - Let user decide what mechanizm is best
> for him.

Handling the execution plans is a bit tricky, though. The plans are not
forgotten on disconnect, IIRC, but need to be invalidated in some cases
etc. Leaving this up to the developer is not a good idea, and REPLAN
EVERY actually does not fix the problem, because it's not just about
collecting fresh stats but about values (common vs. uncommon values etc.).

Anyway parsing a query is not a problem, once the needed records is
cache - planning it is much more time consuming I guess. So the PREPARSE
does not make much sense to me and the PREPLANED is already available.

> This feature can lead to two interested things. First, there is a
> decoupuling a database from application level and keep this two realm
> relatively separate, if underlying db structure is changed, just
> redefine named queries and do not touch application. It create some
> sort of easy to use abstraction layer. It is a bit "objectish"
> approach, because you can create a selfcontained database with data
> and method for its manipulation (if named query is  set as
> PERSISTENT, should  dump/restore and replication solutions do their
> job on persistant named queries as well)

As I said before, you can this can be achieved with stored procedures
(SQL, PL/pgSQL, PL/whatever). The procedures are dumped/restored,
replicated etc.

> Second thing is a powerful, simple, yet easy to use security feature
> with as much granularity as is possible. For example user guest, who
> have set a NAMED QUERY ONLY user privilege, will be limited only to
> queries that admin of the database defined for him, no matter what.I
> thing that it could be easy to use privilege sepration mechanizm.

Again. Grant the user privileges on stored procedures, not the tables,
and use SECURITY DEFINER when creating the procedures.

Tomas