From 54d459861997104f9ae464a8374d2d427aa221d1 Mon Sep 17 00:00:00 2001 From: Andreas Karlsson Date: Thu, 20 Feb 2025 16:36:54 +0100 Subject: [PATCH] PG-1380 Make pg_tde_is_encrypted() take a regclass By changing the parameter to regclass you can pass any parameter of the following types to it: text, oid, regclass; and there will be an automatic cast. More user freindly than accepting text. --- ci_scripts/backup/sql/verify_incremental_data.sql | 2 +- ci_scripts/backup/sql/verify_sample_data.sql | 2 +- contrib/pg_tde/expected/pg_tde_is_encrypted.out | 6 ------ .../pg_tde/expected/pg_tde_is_encrypted_basic.out | 6 ------ contrib/pg_tde/pg_tde--1.0-beta2.sql | 12 ++++++------ contrib/pg_tde/sql/pg_tde_is_encrypted.inc | 2 -- 6 files changed, 8 insertions(+), 22 deletions(-) diff --git a/ci_scripts/backup/sql/verify_incremental_data.sql b/ci_scripts/backup/sql/verify_incremental_data.sql index e7720d4078a..b6f19f0aaa8 100644 --- a/ci_scripts/backup/sql/verify_incremental_data.sql +++ b/ci_scripts/backup/sql/verify_incremental_data.sql @@ -83,7 +83,7 @@ WHERE tde_table.id IS NULL; -- 10. Verify tables are encrypted -- =============================================== -- Verify all tables exist and are encrypted -SELECT tablename, pg_tde_is_encrypted(tablename::TEXT) AS is_encrypted +SELECT tablename, pg_tde_is_encrypted(tablename::regclass) AS is_encrypted FROM pg_tables WHERE schemaname = 'public' AND tablename IN ('tde_table', 'tde_child', 'part1','part_table') diff --git a/ci_scripts/backup/sql/verify_sample_data.sql b/ci_scripts/backup/sql/verify_sample_data.sql index ccced9ded60..ca04e3112ca 100644 --- a/ci_scripts/backup/sql/verify_sample_data.sql +++ b/ci_scripts/backup/sql/verify_sample_data.sql @@ -128,7 +128,7 @@ WHERE dept.deptno IS NULL; -- 9. Verify tables are encrypted -- =============================================== -- Verify all tables exist and are encrypted -SELECT tablename, pg_tde_is_encrypted(tablename::TEXT) AS is_encrypted +SELECT tablename, pg_tde_is_encrypted(tablename::regclass) AS is_encrypted FROM pg_tables WHERE schemaname = 'public' AND tablename IN ('dept', 'emp', 'jobhist') diff --git a/contrib/pg_tde/expected/pg_tde_is_encrypted.out b/contrib/pg_tde/expected/pg_tde_is_encrypted.out index 7c1b11c4be7..3be312e4e69 100644 --- a/contrib/pg_tde/expected/pg_tde_is_encrypted.out +++ b/contrib/pg_tde/expected/pg_tde_is_encrypted.out @@ -50,12 +50,6 @@ SELECT pg_tde_is_encrypted('test_norm'); f (1 row) -SELECT pg_tde_is_encrypted('public.test_enc'); - pg_tde_is_encrypted ---------------------- - t -(1 row) - SELECT key_provider_id, key_provider_name, principal_key_name FROM pg_tde_principal_key_info(); key_provider_id | key_provider_name | principal_key_name diff --git a/contrib/pg_tde/expected/pg_tde_is_encrypted_basic.out b/contrib/pg_tde/expected/pg_tde_is_encrypted_basic.out index c7dc1f45553..4adc514b401 100644 --- a/contrib/pg_tde/expected/pg_tde_is_encrypted_basic.out +++ b/contrib/pg_tde/expected/pg_tde_is_encrypted_basic.out @@ -52,12 +52,6 @@ SELECT pg_tde_is_encrypted('test_norm'); f (1 row) -SELECT pg_tde_is_encrypted('public.test_enc'); - pg_tde_is_encrypted ---------------------- - t -(1 row) - SELECT key_provider_id, key_provider_name, principal_key_name FROM pg_tde_principal_key_info(); key_provider_id | key_provider_name | principal_key_name diff --git a/contrib/pg_tde/pg_tde--1.0-beta2.sql b/contrib/pg_tde/pg_tde--1.0-beta2.sql index 61ab3b99b9f..c7bc739d14f 100644 --- a/contrib/pg_tde/pg_tde--1.0-beta2.sql +++ b/contrib/pg_tde/pg_tde--1.0-beta2.sql @@ -424,22 +424,22 @@ RETURNS table_am_handler LANGUAGE C AS 'MODULE_PATHNAME'; -CREATE FUNCTION pg_tde_internal_has_key(oid OID) +CREATE FUNCTION pg_tde_internal_has_key(relation regclass) RETURNS boolean LANGUAGE C AS 'MODULE_PATHNAME'; -CREATE FUNCTION pg_tde_is_encrypted(table_name TEXT) +CREATE FUNCTION pg_tde_is_encrypted(table_name regclass) RETURNS boolean LANGUAGE SQL BEGIN ATOMIC SELECT EXISTS ( SELECT 1 FROM pg_catalog.pg_class - WHERE oid = table_name::regclass::oid + WHERE oid = table_name AND (relam = (SELECT oid FROM pg_catalog.pg_am WHERE amname = 'tde_heap_basic') OR (relam = (SELECT oid FROM pg_catalog.pg_am WHERE amname = 'tde_heap')) - AND pg_tde_internal_has_key(table_name::regclass::oid)) + AND pg_tde_internal_has_key(table_name)) ); END; @@ -621,7 +621,7 @@ AS $$ BEGIN EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_list_all_key_providers() TO %I', target_role); EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_list_all_global_key_providers() TO %I', target_role); - EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_is_encrypted(text) TO %I', target_role); + EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_is_encrypted(regclass) TO %I', target_role); EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_principal_key_info() TO %I', target_role); EXECUTE format('GRANT EXECUTE ON FUNCTION pg_tde_global_principal_key_info() TO %I', target_role); @@ -702,7 +702,7 @@ AS $$ BEGIN EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_list_all_key_providers() FROM %I', target_role); EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_list_all_global_key_providers() FROM %I', target_role); - EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_is_encrypted(text) FROM %I', target_role); + EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_is_encrypted(regclass) FROM %I', target_role); EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_principal_key_info() FROM %I', target_role); EXECUTE format('REVOKE EXECUTE ON FUNCTION pg_tde_global_principal_key_info() FROM %I', target_role); diff --git a/contrib/pg_tde/sql/pg_tde_is_encrypted.inc b/contrib/pg_tde/sql/pg_tde_is_encrypted.inc index cc96888c256..d0e433ad091 100644 --- a/contrib/pg_tde/sql/pg_tde_is_encrypted.inc +++ b/contrib/pg_tde/sql/pg_tde_is_encrypted.inc @@ -23,8 +23,6 @@ SELECT amname FROM pg_class INNER JOIN pg_am ON pg_am.oid = pg_class.relam WHERE SELECT pg_tde_is_encrypted('test_enc'); SELECT pg_tde_is_encrypted('test_norm'); -SELECT pg_tde_is_encrypted('public.test_enc'); - SELECT key_provider_id, key_provider_name, principal_key_name FROM pg_tde_principal_key_info();