<div dir="ltr"><div class="gmail_default" style="font-size:large"><br></div><div class="gmail_extra"><br><div class="gmail_quote">On Tue, Jul 18, 2017 at 12:17 PM, Yedidyah Bar David <span dir="ltr"><<a href="mailto:didi@redhat.com" target="_blank">didi@redhat.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><span class="">On Tue, Jul 18, 2017 at 12:10 PM, Eli Mesika <<a href="mailto:emesika@redhat.com">emesika@redhat.com</a>> wrote:<br>
><br>
><br>
> On Tue, Jul 18, 2017 at 8:56 AM, Yedidyah Bar David <<a href="mailto:didi@redhat.com">didi@redhat.com</a>> wrote:<br>
>><br>
>> On Tue, Jul 18, 2017 at 1:29 AM, Martin Perina <<a href="mailto:mperina@redhat.com">mperina@redhat.com</a>> wrote:<br>
>> > Hello,<br>
>> ><br>
>> > to make things completely clear: any developer which will perform any<br>
>> > changes around permissions tables need to use only predefined stored<br>
>> > procedures for permissions handling. If for some reason direct SQL<br>
>> > update is<br>
>> > performed, then materialized view will not be refreshed until some<br>
>> > permission stored procedure is called, which could cause strange<br>
>> > results.<br>
>><br>
>> Isn't it possible to prevent such accidents somehow?<br>
>><br>
>> E.g., is it possible that:<br>
>> 1. We rename current table ("permissions") to some "private"<br>
>> name (e.g. "permissions_tab")<br>
><br>
> This is possible<br>
<br>
</span>OK. Are we going to? Is there a downside?<br></blockquote><div><br><div style="font-size:large;display:inline" class="gmail_default">Yes we can :-) , no downsides as much as I concern </div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
We also might still have a view 'permissions' if we want to support<br>
old code that reads from it.<br></blockquote><div><br><div style="font-size:large;display:inline" class="gmail_default">Old views will remain the same and you can read from them as usual </div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="HOEnZb"><div class="h5"><br>
><br>
><br>
>><br>
>> 2. We create the materialized view having the name of the<br>
>> original table ("permissions")<br>
><br>
><br>
> The MV replaces the views that uses the permissions table.<br>
> The plan is to rename the original view to something else and have the<br>
> created MV with the original view name<br>
><br>
><br>
>><br>
>> 3. We do what's needed (?) so that direct inserts/updates/deletes<br>
>> on the view either fail or do the right thing.<br>
><br>
><br>
> See my answer in 1)<br>
><br>
>><br>
>><br>
>> ><br>
>> > Eli has already removed all such code within patch [3], so this is just<br>
>> > a<br>
>> > warning for future.<br>
>> ><br>
>> > Thanks<br>
>> ><br>
>> > Martin<br>
>> ><br>
>> ><br>
>> > On Mon, Jul 17, 2017 at 9:47 PM, Eli Mesika <<a href="mailto:emesika@redhat.com">emesika@redhat.com</a>> wrote:<br>
>> >><br>
>> >><br>
>> >> Materialized Views [1] can be used to reduce query time on complex<br>
>> >> queries<br>
>> >> with low data update<br>
>> >><br>
>> >> The first candidates to use this feature are all the *permission* views<br>
>> >><br>
>> >> There is already a RFE [2] opened for that.<br>
>> >><br>
>> >> Please make sure that each call that handles the permissions table data<br>
>> >> is<br>
>> >> using the corresponding SP in dbscripts/multi_level_<wbr>administration.sql<br>
>> >> No direct access to the permissions table is allowed !<br>
>> >><br>
>> >> In case that a direct access to the permissions table is used, you<br>
>> >> should<br>
>> >> replace the code in a call to the corresponding SP as you can see in<br>
>> >> [3]<br>
>> >><br>
>> >> A direct use that will not be replaced with a call to the corresponding<br>
>> >> SP<br>
>> >> may cause that direct changes to the permissions table will not be<br>
>> >> reflected<br>
>> >> in the<br>
>> >> *permission* Materialized Views and the views will remain dirty until a<br>
>> >> change that is calling one of the SPs that handle the data of the<br>
>> >> permissions table is issued and cause the Materialized Views to be<br>
>> >> refreshed<br>
>> >><br>
>> >> Please check your code for direct use of the permissions table and<br>
>> >> consult<br>
>> >> with me if you have any questions or issues.<br>
>> >><br>
>> >> Thanks<br>
>> >><br>
>> >> Eli Mesika<br>
>> >><br>
>> >> [1] <a href="https://wiki.postgresql.org/wiki/Materialized_Views" rel="noreferrer" target="_blank">https://wiki.postgresql.org/<wbr>wiki/Materialized_Views</a><br>
>> >> [2] <a href="https://bugzilla.redhat.com/show_bug.cgi?id=1470991" rel="noreferrer" target="_blank">https://bugzilla.redhat.com/<wbr>show_bug.cgi?id=1470991</a><br>
>> >> [3] <a href="https://gerrit.ovirt.org/#/c/79287/" rel="noreferrer" target="_blank">https://gerrit.ovirt.org/#/c/<wbr>79287/</a><br>
>> >><br>
>> >><br>
>> >> ______________________________<wbr>_________________<br>
>> >> Devel mailing list<br>
>> >> <a href="mailto:Devel@ovirt.org">Devel@ovirt.org</a><br>
>> >> <a href="http://lists.ovirt.org/mailman/listinfo/devel" rel="noreferrer" target="_blank">http://lists.ovirt.org/<wbr>mailman/listinfo/devel</a><br>
>> ><br>
>> ><br>
>> ><br>
>> > ______________________________<wbr>_________________<br>
>> > Devel mailing list<br>
>> > <a href="mailto:Devel@ovirt.org">Devel@ovirt.org</a><br>
>> > <a href="http://lists.ovirt.org/mailman/listinfo/devel" rel="noreferrer" target="_blank">http://lists.ovirt.org/<wbr>mailman/listinfo/devel</a><br>
>><br>
>><br>
>><br>
>> --<br>
>> Didi<br>
><br>
><br>
<br>
<br>
<br>
</div></div><span class="HOEnZb"><font color="#888888">--<br>
Didi<br>
</font></span></blockquote></div><br></div></div>