gormguard

Version: v0.1.0
Published: Jun 8, 2026 License: MIT Imports: 3 Imported by: 0

Documentation

Overview

Package gormguard integrates sqlguard with GORM.

Analysis is driven by the single shared sqlguard core (middleware.Guard), so redaction-by-default, stable fingerprints, the pluggable real-grammar parser, slow-query timing and N+1 detection behave identically to the database/sql driver wrapper and to pgxguard. There is no parallel option surface — configure with the standard middleware options:

gormDB, err := gorm.Open(postgres.Open(dsn), &gorm.Config{})
if err != nil {
    log.Fatal(err)
}
if err := gormguard.Register(gormDB,
    middleware.WithSlowQueryThreshold(500*time.Millisecond),
    middleware.WithN1Detection(10, time.Second),
); err != nil {
    log.Fatal(err)
}

GORM only exposes the final built SQL in its after-callback (it has not been generated when the before-callback fires), so this plugin uses the explicit Check+CheckLatency pair rather than middleware.Guard.Observe. Behaviour matches Observe semantically: static rules run on every call, latency is reported only on success.

Functions

func Register

func Register(db *gorm.DB, opts ...middleware.Option) error

Register is a convenience function to create and register the plugin.

Types

type Plugin

type Plugin struct {
	// contains filtered or unexported fields
}

Plugin implements gorm.Plugin and drives every traced statement through the shared sqlguard analysis core.

func New

func New(opts ...middleware.Option) *Plugin

New creates a new sqlguard GORM plugin. It accepts the standard sqlguard middleware options (WithAnalyzer, WithReporter, WithSlowQueryThreshold, WithParser, WithN1Detection, …) — the same option set the database/sql driver wrapper and pgxguard use, so there is no parallel configuration surface to drift.

func (*Plugin) Initialize

func (p *Plugin) Initialize(db *gorm.DB) error

Initialize registers before/after callbacks on every GORM callback chain.

GORM v2 routes operations through six distinct callback chains:

  • Create/Update/Delete — ORM-style mutating operations
  • Query — ORM-style reads (First/Find/Take/…)
  • Row — raw SQL that returns rows (db.Raw().Scan / .Row)
  • Raw — raw SQL without rows (db.Exec)

Missing any chain silently leaves a query class uncovered: before the rewrite, only Create/Query/Update/Delete were hooked, so every db.Raw and db.Exec bypassed analysis (and there were no tests to catch it). All six chains are now registered.

SQL is analyzed in the after-callback because GORM has not yet rendered db.Statement.SQL when the before-callback fires for the ORM chains.

func (*Plugin) Name

func (p *Plugin) Name() string

Name implements gorm.Plugin.

func (*Plugin) ResetN1

func (p *Plugin) ResetN1()

ResetN1 clears N+1 tracker state. Call it at a per-request boundary (e.g. end of an HTTP handler) to scope N+1 detection to one unit of work. No-op unless WithN1Detection was passed to New / Register.
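
Why the per-request reset matters, as an added standard-library example that is not gormguard or sqlguard code: without a reset, lookups from two unrelated requests accumulate under one fingerprint and trip the detector. It assumes WithN1Detection(10, time.Second) means "the same fingerprint 10 times within one second"; n1Tracker, fingerprint and simulate are hypothetical names, and the literal-masking regex is a simplification of real fingerprinting.

```go
package main

import (
	"fmt"
	"regexp"
	"time"
)

// literals matches quoted strings and bare numbers (simplified stand-in for real fingerprinting).
var literals = regexp.MustCompile(`'[^']*'|\b\d+\b`)
func fingerprint(sql string) string { return literals.ReplaceAllString(sql, "?") }

// n1Tracker is a hypothetical model: flag a fingerprint seen threshold times in window.
type n1Tracker struct {
	threshold int
	window    time.Duration
	seen      map[string][]time.Time
}

// Observe records one statement and reports whether it crosses the threshold.
func (t *n1Tracker) Observe(sql string, now time.Time) bool {
	fp := fingerprint(sql)
	t.seen[fp] = append(t.seen[fp], now)
	recent := 0
	for _, ts := range t.seen[fp] {
		if now.Sub(ts) < t.window {
			recent++
		}
	}
	return recent >= t.threshold
}

func (t *n1Tracker) Reset() { t.seen = map[string][]time.Time{} } // stands in for ResetN1

// simulate replays two constructed requests of six lookups each, 10ms apart.
func simulate(resetBetween bool) (flagged int) {
	t := &n1Tracker{10, time.Second, map[string][]time.Time{}}
	for id := 1; id <= 12; id++ {
		now := time.Unix(0, int64(id)*int64(10*time.Millisecond))
		if t.Observe(fmt.Sprintf("SELECT * FROM users WHERE id = %d", id), now) {
			flagged++
		}
		if resetBetween && id == 6 { // end of the first request
			t.Reset()
		}
	}
	return flagged
}

func main() { fmt.Println(simulate(false), simulate(true)) }
```

Neither request issues ten lookups on its own, so any alert in the run without a reset is an artifact of state shared across requests.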
