Background (from email):

Tom,

I believe it will mostly be of use to larger development teams where the reality of the MT additional-criteria may be overlooked and a developer may start using native queries without understanding the impact.

Can you track a P3 ER for this against the 2.3.0 release?

Doug

On 05/04/2011 11:40 AM, Tom Ware wrote:
> I have always thought of this in the "trusted" sense. If the application provider allows the end-user to write native-sql, they should be aware of the risks and deal with it themselves.
>
> If the end-user can get to the createNativeQuery() API itself, they'll have access to all the API. They could just disable the tenant criteria and get all the data anyway.
>
> If this is simply a setting that lets people set-up the application so that they don't accidentally write a native query without tenant info in it, I guess the value is if native queries are disabled by default and you must specifically enable them and as a result indicate you "know the risks". To me, I'd suggest a feature like this is lower priority than the other items we have been addressing and something we would likely add late in the game if time remained.
>
> -Tom
>
> douglas clarke wrote:
>> One of the challenges with the shared MT schema is that we only augment queries where we generate the SQL. What is our plan to support limiting or preventing native SQL queries?
>>
>> Last week when we met with Mitesh and Linda we discussed that an application can be considered trusted so that any developer who wished to use a native query could but it would be up to them to ensure they included the MT criteria. Alternatively we should allow you to disallow native queries. Probably with a PU property.
>>
>> I believe this requirement should be included in the MT work. Curious about any existing plans for this or your thoughts?
>>
>> --
>> Doug
Created attachment 195350 [details] Proposed changes
The proposal is as follows:

New persistence unit property: eclipselink.jdbc.allow-native-sql-queries

Default is true. When set to false in JPA, no user issued sql queries will be executed.

Note: disabling all sql queries impacts internal EclipseLink queries such as sequencing.
Created attachment 198016 [details]
Working proposal

This patch introduces two new flags that can be set to achieve this functionality.

Persistence unit property:
- "eclipselink.jdbc.allow-native-sql-queries" - defaults to TRUE

QueryHint:
- "eclipselink.jdbc.bypass-disallowed-native-sql-queries" - defaults to FALSE

Note the query hint has no effect essentially unless the persistence unit property is set to FALSE.
Created attachment 198721 [details]
Proposed changes

Update to previous patch (from feedback from Doug and Gordon)

Persistence unit property:
- "eclipselink.jdbc.allow-native-sql-queries" - defaults to TRUE

QueryHint:
- "eclipselink.jdbc.allow-native-sql-query" - defaults to UNDEFINED

When the query hint is undefined then we'll look at the persistence unit setting. If the query hint is defined, we'll do as it says.
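
An added usage example for the persistence unit property and query hint named in the comments above; it is not code from the attached patches. The persistence unit name `tenant-pu`, the `ORDERS` table and its `TENANT_ID` column are hypothetical, and the example assumes that a refused native query surfaces as an unchecked exception.

```java
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import javax.persistence.EntityManager;
import javax.persistence.EntityManagerFactory;
import javax.persistence.Persistence;
import javax.persistence.Query;

public class NativeSqlPolicyDemo {
    // Property and hint names exactly as given in the comments above.
    static final String PU_PROPERTY = "eclipselink.jdbc.allow-native-sql-queries";
    static final String QUERY_HINT = "eclipselink.jdbc.allow-native-sql-query";

    public static void main(String[] args) {
        Map<String, Object> props = new HashMap<>();
        props.put(PU_PROPERTY, "false"); // deny native SQL for the whole unit
        // "tenant-pu" is a hypothetical unit declared in persistence.xml.
        EntityManagerFactory emf =
                Persistence.createEntityManagerFactory("tenant-pu", props);
        EntityManager em = emf.createEntityManager();
        try {
            // Case 1: hint undefined, so the unit-wide setting decides.
            // This query carries no tenant criterion and should be refused.
            try {
                em.createNativeQuery("SELECT ID FROM ORDERS").getResultList();
                System.out.println("unexpected: unfiltered native query ran");
            } catch (RuntimeException e) {
                // Assumption: the refusal is reported as an unchecked exception.
                System.out.println("refused: " + e.getMessage());
            }

            // Case 2: hint defined, so it overrides the unit-wide setting.
            // The developer opts in per query and supplies the tenant
            // criterion by hand, bound as a parameter rather than concatenated.
            Query vetted = em.createNativeQuery(
                    "SELECT ID FROM ORDERS WHERE TENANT_ID = ?");
            vetted.setParameter(1, "tenant-a"); // constructed sample tenant id
            vetted.setHint(QUERY_HINT, "true");
            List<?> rows = vetted.getResultList();
            System.out.println("vetted query returned " + rows.size() + " rows");
        } finally {
            em.close();
            emf.close();
        }
    }
}
```

Because the hint has to be set on each query, searching the code base for the hint name lists every native query that bypasses the unit-wide setting and therefore needs its tenant criterion reviewed.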
Created attachment 198922 [details]
Final patch

Changes have been submitted to trunk.

Reviewed: Gordon Yorke
Changes have been submitted to the 2.3.1 stream
The EclipseLink project has moved to GitHub: https://github.com/eclipse-ee4j/eclipselink