Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • Book Overview & Buying PostgreSQL Server Programming - Second Edition
  • Table Of Contents Toc
PostgreSQL Server Programming - Second Edition

PostgreSQL Server Programming - Second Edition - Second Edition

By : Dar, Krosing, Jim Mlodgenski
4.5 (8)
Buy this Book
close
close
PostgreSQL Server Programming - Second Edition

PostgreSQL Server Programming - Second Edition

4.5 (8)
By: Dar, Krosing, Jim Mlodgenski
Buy this Book

Overview of this book

This book is for moderate to advanced PostgreSQL database professionals who wish to extend PostgreSQL, utilizing the most updated features of PostgreSQL 9.4. For a better understanding of this book, familiarity with writing SQL, a basic idea of query tuning, and some coding experience in your preferred language is expected.
Table of Contents (16 chapters)
close
close
close
Preface
Icon
Preface
Icon
What this book covers
Icon
What you need for this book
Icon
Who this book is for
Icon
Conventions
Icon
Reader feedback
Icon
Customer support
Lock Free Chapter
1
1. What Is a PostgreSQL Server?
chevron up
Icon
1. What Is a PostgreSQL Server?
Icon
Why program in the server?
Icon
About this book's code examples
Icon
Moving beyond simple functions
Icon
Managing related data with triggers
Icon
Auditing changes
Icon
Data cleaning
Icon
Custom sort orders
Icon
Programming best practices
Icon
Caching
Icon
Wrapping up – why program in the server?
Icon
Summary
2
2. Server Programming Environments
Icon
2. Server Programming Environments
Icon
Cost of acquisition
Icon
Availability of developers
Icon
Licensing
Icon
Predictability
Icon
Community
Icon
Procedural languages
Icon
Summary
3
3. Your First PL/pgSQL Function
Icon
3. Your First PL/pgSQL Function
Icon
Why PL/pgSQL?
Icon
The structure of a PL/pgSQL function
Icon
Conditional expressions
Icon
Returning a record
Icon
Acting on the function's results
Icon
Summary
4
4. Returning Structured Data
Icon
4. Returning Structured Data
Icon
Sets and arrays
Icon
Returning sets
Icon
Using a set returning function
Icon
Functions based on views
Icon
OUT parameters and records
Icon
A summary of the RETURN SETOF variants
Icon
Returning cursors
Icon
Other ways to work with structured data
Icon
Summary
5
5. PL/pgSQL Trigger Functions
Icon
5. PL/pgSQL Trigger Functions
Icon
Creating the trigger function
Icon
Working on a simple "Hey, I'm called" trigger
Icon
The audit trigger
Icon
Disallowing DELETE
Icon
Disallowing TRUNCATE
Icon
Modifying the NEW record
Icon
The immutable fields trigger
Icon
Controlling when a trigger is called
Icon
Visibility
Icon
Variables passed to the PL/pgSQL TRIGGER function
Icon
Summary
6
6. PostgreSQL Event Triggers
Icon
6. PostgreSQL Event Triggers
Icon
Use cases for creating event triggers
Icon
Creating event triggers
Icon
Creating an audit trail
Icon
Preventing schema changes
Icon
A roadmap of event triggers
Icon
Summary
7
7. Debugging PL/pgSQL
Icon
7. Debugging PL/pgSQL
Icon
Manual debugging with RAISE NOTICE
Icon
Visual debugging
Icon
Summary
8
8. Using Unrestricted Languages
Icon
8. Using Unrestricted Languages
Icon
Are untrusted languages inferior to trusted ones?
Icon
Can you use untrusted languages for important functions?
Icon
Will untrusted languages corrupt the database?
Icon
Why untrusted?
Icon
Quick introduction to PL/Python
Icon
Thinking out of the "SQL database server" box
Icon
Summary
9
9. Writing Advanced Functions in C
Icon
9. Writing Advanced Functions in C
Icon
The simplest C function – return (a + b)
Icon
Adding functionality to add(int, int)
Icon
Basic guidelines for writing C code
Icon
Error reporting from C functions
Icon
Running queries and calling PostgreSQL functions
Icon
Handling records as arguments or returned values
Icon
Fast capturing of database changes
Icon
Doing something at commit/rollback
Icon
Synchronizing between backends
Icon
Writing functions in C++
Icon
Additional resources for C
Icon
Summary
10
10. Scaling Your Database with PL/Proxy
Icon
10. Scaling Your Database with PL/Proxy
Icon
Creating a simple single-server chat
Icon
Dealing with success – splitting tables over multiple databases
Icon
Connection Pooling
Icon
Summary
11
11. PL/Perl – Perl Procedural Language
Icon
11. PL/Perl – Perl Procedural Language
Icon
When to use PL/Perl
Icon
Installing PL/Perl
Icon
A simple PL/Perl function
Icon
Passing and returning non-scalar types
Icon
Writing PL/Perl triggers
Icon
Untrusted Perl
Icon
Summary
12
12. PL/Tcl – Tcl Procedural Language
Icon
12. PL/Tcl – Tcl Procedural Language
Icon
Installing PL/Tcl
Icon
A simple PL/Tcl function
Icon
Passing and returning arrays
Icon
Passing composite-type arguments
Icon
Accessing databases
Icon
Writing PL/Tcl triggers
Icon
Untrusted Tcl
Icon
Summary
13
13. Publishing Your Code as PostgreSQL Extensions
Icon
13. Publishing Your Code as PostgreSQL Extensions
Icon
When to create an extension
Icon
Unpackaged extensions
Icon
Extension versions
Icon
The .control file
Icon
Building an extension
Icon
Installing an extension
Icon
Viewing extensions
Icon
Publishing your extension
Icon
Installing an extension from PGXN
Icon
Summary
14
14. PostgreSQL as an Extensible RDBMS
Icon
14. PostgreSQL as an Extensible RDBMS
Icon
What can't be extended?
Icon
Creating a new operator
Icon
Creating index access methods
Icon
Creating user-defined aggregates
Icon
Using foreign data wrappers
Icon
Summary
15
Index
Icon
Index

Auditing changes

If you need to know who did what to the data and when it was done, one way to find out is to log every action that is performed in an important table. In PostgreSQL 9.3, you can also audit the data definition language (DDL) changes to the database using event triggers. We will learn more about this in the later chapters.

There are at least two equally valid ways to perform data auditing:

  • Using auditing triggers
  • Allowing tables to be accessed only through functions and auditing inside these functions

Here, we will take a look at a minimal number of examples for both the approaches.

First, let's create the tables:

CREATE TABLE salaries(
    emp_name text PRIMARY KEY,
    salary integer NOT NULL
);

CREATE TABLE salary_change_log(
    changed_by text DEFAULT CURRENT_USER,
    changed_at timestamp DEFAULT CURRENT_TIMESTAMP,
    salary_op text,
    emp_name text,
    old_salary integer,
    new_salary integer
);
REVOKE ALL ON salary_change_log FROM PUBLIC;
GRANT ALL ON salary_change_log TO managers;

You don't generally want your users to be able to change audit logs, so only grant the managers the right to access these. If you plan to let users access the salary table directly, you should put a trigger on it for auditing:

CREATE OR REPLACE FUNCTION log_salary_change () RETURNS trigger AS $$
    BEGIN
        IF TG_OP = 'INSERT' THEN
      INSERT INTO salary_change_log(salary_op,emp_name,new_salary)
     VALUES (TG_OP,NEW.emp_name,NEW.salary);
  ELSIF TG_OP = 'UPDATE' THEN        
INSERT INTO salary_change_log(salary_op,emp_name,old_salary,new_salary)
      VALUES (TG_OP,NEW.emp_name,OLD.salary,NEW.salary);
  ELSIF TG_OP = 'DELETE' THEN
      INSERT INTO salary_change_log(salary_op,emp_name,old_salary)
      VALUES (TG_OP,NEW.emp_name,OLD.salary);
        END IF;
        RETURN NEW;
    END;
$$ LANGUAGE plpgsql SECURITY DEFINER;

CREATE TRIGGER audit_salary_change
AFTER INSERT OR UPDATE OR DELETE ON salaries
    FOR EACH ROW EXECUTE PROCEDURE log_salary_change ();

Now, let's test out some salary management:

postgres=# INSERT INTO salaries values('Bob',1000);
INSERT 0 1
postgres=# UPDATE salaries SET salary = 1100 WHERE emp_name = 'Bob';
UPDATE 1
postgres=# INSERT INTO salaries VALUES('Mary',1000);
INSERT 0 1
postgres=# UPDATE salaries SET salary = salary + 200;
UPDATE 2
postgres=# SELECT * FROM salaries;
-[ RECORD 1 ]--
emp_name | Bob
salary   | 1300
-[ RECORD 2 ]--
emp_name | Mary
salary   | 1200

Each one of these changes is saved into the salary change log table for auditing purposes:

postgres=# SELECT * FROM salary_change_log;
-[ RECORD 1 ]--------------------------
changed_by | frank
changed_at | 2012-01-25 15:44:43.311299
salary_op  | INSERT
emp_name   | Bob
old_salary | 
new_salary | 1000
-[ RECORD 2 ]--------------------------
changed_by | frank
changed_at | 2012-01-25 15:44:43.313405
salary_op  | UPDATE
emp_name   | Bob
old_salary | 1000
new_salary | 1100
-[ RECORD 3 ]--------------------------
changed_by | frank
changed_at | 2012-01-25 15:44:43.314208
salary_op  | INSERT
emp_name   | Mary
old_salary | 
new_salary | 1000
-[ RECORD 4 ]--------------------------
changed_by | frank
changed_at | 2012-01-25 15:44:43.314903
salary_op  | UPDATE
emp_name   | Bob
old_salary | 1100
new_salary | 1300
-[ RECORD 5 ]--------------------------
changed_by | frank
changed_at | 2012-01-25 15:44:43.314903
salary_op  | UPDATE
emp_name   | Mary
old_salary | 1000
new_salary | 1200

On the other hand, you may not want anybody to have direct access to the salary table, in which case you can perform the REVOKE command. The following command will revoke all privileges from PUBLIC:

REVOKE ALL ON salaries FROM PUBLIC;

Also, give users access to only two functions: the first function is for any user taking a look at salaries and the other function can be used to change salaries, which is available only to managers.

The functions will have all the access to the underlying tables because they are declared as SECURITY DEFINER, which means that they run with the privileges of the user who created them.

This is how the salary lookup function will look:

CREATE OR REPLACE FUNCTION get_salary(text)
RETURNS integer
AS $$
    -- if you look at other people's salaries, it gets logged
    INSERT INTO salary_change_log(salary_op,emp_name,new_salary)
    SELECT 'SELECT',emp_name,salary
      FROM salaries
     WHERE upper(emp_name) = upper($1)
       AND upper(emp_name) != upper(CURRENT_USER);
    -- don't log select of own salary
    -- return the requested salary
    SELECT salary FROM salaries WHERE upper(emp_name) = upper($1);
$$ LANGUAGE SQL SECURITY DEFINER;

Notice that we implemented a soft-security approach, where you can look up other people's salaries, but you have to do it responsibly, that is, only when you need to, as your manager will know that you have checked.

The set_salary() function abstracts away the need to check whether the user exists; if the user does not exist, it is created. Setting someone's salary to 0 will remove him or her from the salary table. Thus, the interface is simplified to a large extent, and the client application of these functions needs to know, and do, less:

CREATE OR REPLACE FUNCTION set_salary(i_emp_name text, i_salary int)
RETURNS TEXT AS $$
DECLARE
    old_salary integer;
BEGIN
    SELECT salary INTO old_salary
      FROM salaries
     WHERE upper(emp_name) = upper(i_emp_name);
    IF NOT FOUND THEN
        INSERT INTO salaries VALUES(i_emp_name, i_salary);
  INSERT INTO salary_change_log(salary_op,emp_name,new_salary)
      VALUES ('INSERT',i_emp_name,i_salary);
        RETURN 'INSERTED USER ' || i_emp_name;
    ELSIF i_salary > 0 THEN
        UPDATE salaries
     SET salary = i_salary
   WHERE upper(emp_name) = upper(i_emp_name);
  INSERT INTO salary_change_log
                 (salary_op,emp_name,old_salary,new_salary)
      VALUES ('UPDATE',i_emp_name,old_salary,i_salary);
        RETURN 'UPDATED USER ' || i_emp_name;
    ELSE -- salary set to 0
        DELETE FROM salaries WHERE upper(emp_name) = upper(i_emp_name);
  INSERT INTO salary_change_log(salary_op,emp_name,old_salary)
      VALUES ('DELETE',i_emp_name,old_salary);
        RETURN 'DELETED USER ' || i_emp_name;
    END IF;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER;

Now, drop the audit trigger (otherwise the changes will be logged twice) and test the new functionality:

postgres=# DROP TRIGGER audit_salary_change ON salaries;
DROP TRIGGER
postgres=# 
postgres=# SELECT set_salary('Fred',750);
-[ RECORD 1 ]------------------
set_salary | INSERTED USER Fred

postgres=# SELECT set_salary('frank',100);
-[ RECORD 1 ]-------------------
set_salary | INSERTED USER frank

postgres=# SELECT * FROM salaries ;
-[ RECORD 1 ]---
emp_name | Bob
salary   | 1300
-[ RECORD 2 ]---
emp_name | Mary
salary   | 1200
-[ RECORD 3 ]---
emp_name | Fred
salary   | 750
-[ RECORD 4 ]---
emp_name | frank
salary   | 100

postgres=# SELECT set_salary('mary',0);
-[ RECORD 1 ]-----------------
set_salary | DELETED USER mary

postgres=# SELECT * FROM salaries ;
-[ RECORD 1 ]---
emp_name | Bob
salary   | 1300
-[ RECORD 2 ]---
emp_name | Fred
salary   | 750
-[ RECORD 3 ]---
emp_name | frank
salary   | 100

postgres=# SELECT * FROM salary_change_log ;
...
-[ RECORD 6 ]--------------------------
changed_by | gsmith
changed_at | 2013-01-25 15:57:49.057592
salary_op  | INSERT
emp_name   | Fred
old_salary | 
new_salary | 750
-[ RECORD 7 ]--------------------------
changed_by | gsmith
changed_at | 2013-01-25 15:57:49.062456
salary_op  | INSERT
emp_name   | frank
old_salary | 
new_salary | 100
-[ RECORD 8 ]--------------------------
changed_by | gsmith
changed_at | 2013-01-25 15:57:49.064337
salary_op  | DELETE
emp_name   | mary
old_salary | 1200
new_salary |
CONTINUE READING
83
Tech Concepts
36
Programming languages
73
Tech Tools
Icon Unlimited access to the largest independent learning library in tech of over 8,000 expert-authored tech books and videos.
Icon Innovative learning tools, including AI book assistants, code context explainers, and text-to-speech.
Icon 50+ new titles added per month and exclusive early access to books as they are being written.
PostgreSQL Server Programming - Second Edition
End of Section 1
Next Section
notes
bookmark Notes and Bookmarks search Search in title playlist Add to playlist font-size Font size

Change the font size

margin-width Margin width

Change margin width

day-mode Day/Sepia/Night Modes

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Confirmation

Modal Close icon
claim successful
Order Page Read Now

Buy this book with your credits?

Modal Close icon
Are you sure you want to buy this book with one of your credits?
Close
YES, BUY

Submit Your Feedback

Modal Close icon
Modal Close icon
Modal Close icon