activerecord-cipherstash-pg-adapter 0.1.0

data/lib/active_record/connection_adapters/cipherstash_pg/referential_integrity.rb

@@ -0,0 +1,77 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module ConnectionAdapters
+    module CipherStashPG
+      module ReferentialIntegrity # :nodoc:
+        def disable_referential_integrity # :nodoc:
+          original_exception = nil
+
+          begin
+            transaction(requires_new: true) do
+              execute(tables.collect { |name| "ALTER TABLE #{quote_table_name(name)} DISABLE TRIGGER ALL" }.join(";"))
+            end
+          rescue ActiveRecord::ActiveRecordError => e
+            original_exception = e
+          end
+
+          begin
+            yield
+          rescue ActiveRecord::InvalidForeignKey => e
+            warn <<-WARNING
+WARNING: Rails was not able to disable referential integrity.
+
+This is most likely caused due to missing permissions.
+Rails needs superuser privileges to disable referential integrity.
+
+    cause: #{original_exception&.message}
+
+            WARNING
+            raise e
+          end
+
+          begin
+            transaction(requires_new: true) do
+              execute(tables.collect { |name| "ALTER TABLE #{quote_table_name(name)} ENABLE TRIGGER ALL" }.join(";"))
+            end
+          rescue ActiveRecord::ActiveRecordError
+          end
+        end
+
+        def all_foreign_keys_valid? # :nodoc:
+          sql = <<~SQL
+            do $$
+              declare r record;
+            BEGIN
+            FOR r IN (
+              SELECT FORMAT(
+                'UPDATE pg_constraint SET convalidated=false WHERE conname = ''%I'' AND connamespace::regnamespace = ''%I''::regnamespace; ALTER TABLE %I.%I VALIDATE CONSTRAINT %I;',
+                constraint_name,
+                table_schema,
+                table_schema,
+                table_name,
+                constraint_name
+              ) AS constraint_check
+              FROM information_schema.table_constraints WHERE constraint_type = 'FOREIGN KEY'
+            )
+              LOOP
+                EXECUTE (r.constraint_check);
+              END LOOP;
+            END;
+            $$;
+          SQL
+
+          begin
+            transaction(requires_new: true) do
+              execute(sql)
+            end
+
+            true
+          rescue ActiveRecord::StatementInvalid
+            false
+          end
+        end
+      end
+    end
+  end
+end

data/lib/active_record/connection_adapters/cipherstash_pg/schema_creation.rb

@@ -0,0 +1,100 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module ConnectionAdapters
+    module CipherStashPG
+      class SchemaCreation < SchemaCreation # :nodoc:
+        private
+          def visit_AlterTable(o)
+            super << o.constraint_validations.map { |fk| visit_ValidateConstraint fk }.join(" ")
+          end
+
+          def visit_AddForeignKey(o)
+            super.dup.tap do |sql|
+              if o.deferrable
+                sql << " DEFERRABLE"
+                sql << " INITIALLY #{o.deferrable.to_s.upcase}" unless o.deferrable == true
+              end
+
+              sql << " NOT VALID" unless o.validate?
+            end
+          end
+
+          def visit_CheckConstraintDefinition(o)
+            super.dup.tap { |sql| sql << " NOT VALID" unless o.validate? }
+          end
+
+          def visit_ValidateConstraint(name)
+            "VALIDATE CONSTRAINT #{quote_column_name(name)}"
+          end
+
+          def visit_ChangeColumnDefinition(o)
+            column = o.column
+            column.sql_type = type_to_sql(column.type, **column.options)
+            quoted_column_name = quote_column_name(o.name)
+
+            change_column_sql = +"ALTER COLUMN #{quoted_column_name} TYPE #{column.sql_type}"
+
+            options = column_options(column)
+
+            if options[:collation]
+              change_column_sql << " COLLATE \"#{options[:collation]}\""
+            end
+
+            if options[:using]
+              change_column_sql << " USING #{options[:using]}"
+            elsif options[:cast_as]
+              cast_as_type = type_to_sql(options[:cast_as], **options)
+              change_column_sql << " USING CAST(#{quoted_column_name} AS #{cast_as_type})"
+            end
+
+            if options.key?(:default)
+              if options[:default].nil?
+                change_column_sql << ", ALTER COLUMN #{quoted_column_name} DROP DEFAULT"
+              else
+                quoted_default = quote_default_expression(options[:default], column)
+                change_column_sql << ", ALTER COLUMN #{quoted_column_name} SET DEFAULT #{quoted_default}"
+              end
+            end
+
+            if options.key?(:null)
+              change_column_sql << ", ALTER COLUMN #{quoted_column_name} #{options[:null] ? 'DROP' : 'SET'} NOT NULL"
+            end
+
+            change_column_sql
+          end
+
+          def add_column_options!(sql, options)
+            if options[:collation]
+              sql << " COLLATE \"#{options[:collation]}\""
+            end
+
+            if as = options[:as]
+              sql << " GENERATED ALWAYS AS (#{as})"
+
+              if options[:stored]
+                sql << " STORED"
+              else
+                raise ArgumentError, <<~MSG
+                  PostgreSQL currently does not support VIRTUAL (not persisted) generated columns.
+                  Specify 'stored: true' option for '#{options[:column].name}'
+                MSG
+              end
+            end
+            super
+          end
+
+          # Returns any SQL string to go between CREATE and TABLE. May be nil.
+          def table_modifier_in_create(o)
+            # A table cannot be both TEMPORARY and UNLOGGED, since all TEMPORARY
+            # tables are already UNLOGGED.
+            if o.temporary
+              " TEMPORARY"
+            elsif o.unlogged
+              " UNLOGGED"
+            end
+          end
+      end
+    end
+  end
+end

data/lib/active_record/connection_adapters/cipherstash_pg/schema_definitions.rb

@@ -0,0 +1,243 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module ConnectionAdapters
+    module CipherStashPG
+      module ColumnMethods
+        extend ActiveSupport::Concern
+
+        # Defines the primary key field.
+        # Use of the native PostgreSQL UUID type is supported, and can be used
+        # by defining your tables as such:
+        #
+        #   create_table :stuffs, id: :uuid do |t|
+        #     t.string :content
+        #     t.timestamps
+        #   end
+        #
+        # By default, this will use the <tt>gen_random_uuid()</tt> function from the
+        # +pgcrypto+ extension. As that extension is only available in
+        # PostgreSQL 9.4+, for earlier versions an explicit default can be set
+        # to use <tt>uuid_generate_v4()</tt> from the +uuid-ossp+ extension instead:
+        #
+        #   create_table :stuffs, id: false do |t|
+        #     t.primary_key :id, :uuid, default: "uuid_generate_v4()"
+        #     t.uuid :foo_id
+        #     t.timestamps
+        #   end
+        #
+        # To enable the appropriate extension, which is a requirement, use
+        # the +enable_extension+ method in your migrations.
+        #
+        # To use a UUID primary key without any of the extensions, set the
+        # +:default+ option to +nil+:
+        #
+        #   create_table :stuffs, id: false do |t|
+        #     t.primary_key :id, :uuid, default: nil
+        #     t.uuid :foo_id
+        #     t.timestamps
+        #   end
+        #
+        # You may also pass a custom stored procedure that returns a UUID or use a
+        # different UUID generation function from another library.
+        #
+        # Note that setting the UUID primary key default value to +nil+ will
+        # require you to assure that you always provide a UUID value before saving
+        # a record (as primary keys cannot be +nil+). This might be done via the
+        # +SecureRandom.uuid+ method and a +before_save+ callback, for instance.
+        def primary_key(name, type = :primary_key, **options)
+          if type == :uuid
+            options[:default] = options.fetch(:default, "gen_random_uuid()")
+          end
+
+          super
+        end
+
+        ##
+        # :method: bigserial
+        # :call-seq: bigserial(*names, **options)
+
+        ##
+        # :method: bit
+        # :call-seq: bit(*names, **options)
+
+        ##
+        # :method: bit_varying
+        # :call-seq: bit_varying(*names, **options)
+
+        ##
+        # :method: cidr
+        # :call-seq: cidr(*names, **options)
+
+        ##
+        # :method: citext
+        # :call-seq: citext(*names, **options)
+
+        ##
+        # :method: daterange
+        # :call-seq: daterange(*names, **options)
+
+        ##
+        # :method: hstore
+        # :call-seq: hstore(*names, **options)
+
+        ##
+        # :method: inet
+        # :call-seq: inet(*names, **options)
+
+        ##
+        # :method: interval
+        # :call-seq: interval(*names, **options)
+
+        ##
+        # :method: int4range
+        # :call-seq: int4range(*names, **options)
+
+        ##
+        # :method: int8range
+        # :call-seq: int8range(*names, **options)
+
+        ##
+        # :method: jsonb
+        # :call-seq: jsonb(*names, **options)
+
+        ##
+        # :method: ltree
+        # :call-seq: ltree(*names, **options)
+
+        ##
+        # :method: macaddr
+        # :call-seq: macaddr(*names, **options)
+
+        ##
+        # :method: money
+        # :call-seq: money(*names, **options)
+
+        ##
+        # :method: numrange
+        # :call-seq: numrange(*names, **options)
+
+        ##
+        # :method: oid
+        # :call-seq: oid(*names, **options)
+
+        ##
+        # :method: point
+        # :call-seq: point(*names, **options)
+
+        ##
+        # :method: line
+        # :call-seq: line(*names, **options)
+
+        ##
+        # :method: lseg
+        # :call-seq: lseg(*names, **options)
+
+        ##
+        # :method: box
+        # :call-seq: box(*names, **options)
+
+        ##
+        # :method: path
+        # :call-seq: path(*names, **options)
+
+        ##
+        # :method: polygon
+        # :call-seq: polygon(*names, **options)
+
+        ##
+        # :method: circle
+        # :call-seq: circle(*names, **options)
+
+        ##
+        # :method: serial
+        # :call-seq: serial(*names, **options)
+
+        ##
+        # :method: tsrange
+        # :call-seq: tsrange(*names, **options)
+
+        ##
+        # :method: tstzrange
+        # :call-seq: tstzrange(*names, **options)
+
+        ##
+        # :method: tsvector
+        # :call-seq: tsvector(*names, **options)
+
+        ##
+        # :method: uuid
+        # :call-seq: uuid(*names, **options)
+
+        ##
+        # :method: xml
+        # :call-seq: xml(*names, **options)
+
+        ##
+        # :method: timestamptz
+        # :call-seq: timestamptz(*names, **options)
+
+        ##
+        # :method: enum
+        # :call-seq: enum(*names, **options)
+
+        included do
+          define_column_methods :bigserial, :bit, :bit_varying, :cidr, :citext, :daterange,
+            :hstore, :inet, :interval, :int4range, :int8range, :jsonb, :ltree, :macaddr,
+            :money, :numrange, :oid, :point, :line, :lseg, :box, :path, :polygon, :circle,
+            :serial, :tsrange, :tstzrange, :tsvector, :uuid, :xml, :timestamptz, :enum
+        end
+      end
+
+      class TableDefinition < ActiveRecord::ConnectionAdapters::TableDefinition
+        include ColumnMethods
+
+        attr_reader :unlogged
+
+        def initialize(*, **)
+          super
+          @unlogged = ActiveRecord::ConnectionAdapters::CipherStashPGAdapter.create_unlogged_tables
+        end
+
+        def new_column_definition(name, type, **options) # :nodoc:
+          case type
+          when :virtual
+            type = options[:type]
+          end
+
+          super
+        end
+
+        private
+          def aliased_types(name, fallback)
+            fallback
+          end
+
+          def integer_like_primary_key_type(type, options)
+            if type == :bigint || options[:limit] == 8
+              :bigserial
+            else
+              :serial
+            end
+          end
+      end
+
+      class Table < ActiveRecord::ConnectionAdapters::Table
+        include ColumnMethods
+      end
+
+      class AlterTable < ActiveRecord::ConnectionAdapters::AlterTable
+        attr_reader :constraint_validations
+
+        def initialize(td)
+          super
+          @constraint_validations = []
+        end
+
+        def validate_constraint(name)
+          @constraint_validations << name
+        end
+      end
+    end
+  end
+end

data/lib/active_record/connection_adapters/cipherstash_pg/schema_dumper.rb

@@ -0,0 +1,74 @@
+# frozen_string_literal: true
+
+module ActiveRecord
+  module ConnectionAdapters
+    module CipherStashPG
+      class SchemaDumper < ConnectionAdapters::SchemaDumper # :nodoc:
+        private
+          def extensions(stream)
+            extensions = @connection.extensions
+            if extensions.any?
+              stream.puts "  # These are extensions that must be enabled in order to support this database"
+              extensions.sort.each do |extension|
+                stream.puts "  enable_extension #{extension.inspect}"
+              end
+              stream.puts
+            end
+          end
+
+          def types(stream)
+            types = @connection.enum_types
+            if types.any?
+              stream.puts "  # Custom types defined in this database."
+              stream.puts "  # Note that some types may not work with other database engines. Be careful if changing database."
+              types.sort.each do |name, values|
+                stream.puts "  create_enum #{name.inspect}, #{values.split(",").inspect}"
+              end
+              stream.puts
+            end
+          end
+
+          def prepare_column_options(column)
+            spec = super
+            spec[:array] = "true" if column.array?
+
+            if @connection.supports_virtual_columns? && column.virtual?
+              spec[:as] = extract_expression_for_virtual_column(column)
+              spec[:stored] = true
+              spec = { type: schema_type(column).inspect }.merge!(spec)
+            end
+
+            spec[:enum_type] = "\"#{column.sql_type}\"" if column.enum?
+
+            spec
+          end
+
+          def default_primary_key?(column)
+            schema_type(column) == :bigserial
+          end
+
+          def explicit_primary_key_default?(column)
+            column.type == :uuid || (column.type == :integer && !column.serial?)
+          end
+
+          def schema_type(column)
+            return super unless column.serial?
+
+            if column.bigint?
+              :bigserial
+            else
+              :serial
+            end
+          end
+
+          def schema_expression(column)
+            super unless column.serial?
+          end
+
+          def extract_expression_for_virtual_column(column)
+            column.default_function.inspect
+          end
+      end
+    end
+  end
+end