This is the first in a series of commits that introduce components
that allow filters to be tested without MaxScale or backends.
Obviously the environment is not suited for all cases, but allow e.g.
the behaviour of the firewall filter to be tested in isolation.
The environment consists of helper classes loading and manipulating
modules and filters and mock-classes that provide the needed
scaffolding around a filter.
Currently all components exist under the test directory of the firewall
filter, but once proven they can be moved to a more general purpose
location.
By using an the value of a global incremented integer as the
initial version number of a Dbfw instance it is ensured that every
such instance does not "inherit" any rules from a previous instance
that happened to exist in the same place as the new instance to be
created.
Adds an option 'reply_time' to log_data. When enabled, query execution time
in milliseconds is logged. Execution time is measured as the time between
routeQuery and the first clientReply.
Only if the filter is in blocking mode, will a match cause an error
to be returned. Thus, no point in creating the error message unless
the filter is in blocking mode.
Whether or not a match causes the query to be blocked or to be allowed
depends on whether the filter is in white-listing or black-listing mode,
so better if the text is neutral.
Using 'not_function' it is possible to match functions other than
a specific set of ones. That will make it significantly easier to
allow certain functions to be used with certain columns.
The special handling of no arguments to `function` in conjunction
with an allowing filter has been removed. The same effect can now
be achieved, without special handling, using `not_function`, no
arguments and a blocking filter.
Implementation will follow in a subsequent commit.
The two depended on the PCRE2 and Connector-C libraries which means that
the libraries need to be built first. This information needs to be told to
CMake with the add_dependency call.
From the documentation:
* `never`: When there is an active transaction, no data will be returned
from the cache, but all requests will always be sent to the backend.
The cache will be populated inside _explicitly_ read-only transactions.
Inside transactions that are not explicitly read-only, the cache will
be populated _until_ the first non-SELECT statement.
* `read_only_transactions`: The cache will be used and populated inside
_explicitly_ read-only transactions. Inside transactions that are not
explicitly read-only, the cache will be populated, but not used
_until_ the first non-SELECT statement.
* `all_transactions`: The cache will be used and populated inside
_explicitly_ read-only transactions. Inside transactions that are not
explicitly read-only, the cache will be used and populated _until_ the
first non-SELECT statement.
When deciding whether the cache should be consulted or not,
the value of the configuration parameter 'cache_in_transaction'
is taken into account as well.
If something is SELECTed that should be cached for some, but not
for the current user, the cached entry it nevertheless updated.
That way the cached data will always be the last fetched value
and it is also possible to use this behaviour for explicitly
updating the cache entry.
KILL commands are now sent to the backends in an asynchronous manner. As
the LocalClient class is used to connect to the servers, this will cause
an extra connection to be created on top of the original connections
created by the session.
If the user does not have the permissions to execute the KILL, the error
message is currently lost. This could be solved by adding a "result
handler" into the LocalClient class which is called with the result.
When the LocalClient is constructed, it is possible to extract all the
needed information at that time. The only obstacle is the fact that the
LocalClient is constructed at the same time the session is. Since the
client DCB is created before the session, it is safe to extract the shared
data directly from it.
Since the module command interface was expanded to include a JSON output
parameter, there is no longer a need for an output DCB. As the JSON can be
printed by both maxadmin and the REST API, this allows the removal of
explicit output formatting in module commands.
When the database firewall filter is used in white-list mode,
'USE <db>' should be allowed. When connecting, it is always
possible to specify the database anyway so restricting
'USE <db>' serves no purpose.
By moving the initialization into Worker::run, all threads, including the
main thread, are properly initialized. This was not noticed before as
qc_sqlite initialized the main thread in the process initialization
callback.
