shared

package
v0.12.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 17, 2026 License: AGPL-3.0 Imports: 6 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrReadOnlyViolation     = errors.New("write operations not permitted with read-only access")
	ErrDDLBlocked            = errors.New("DDL operations not permitted: your access grant blocks schema modifications")
	ErrPasswordChangeBlocked = errors.New("password modification is not allowed through the proxy")
	ErrOraclePatternBlocked  = errors.New("blocked: this Oracle operation is not permitted through the proxy")
	ErrMySQLPatternBlocked   = errors.New("blocked: this MySQL operation is not permitted through the proxy")
)

Validation errors shared across proxy implementations.

Functions

func IsDDLQuery 

func IsDDLQuery(sql string) bool

IsDDLQuery checks if a query is a DDL operation.

func IsPasswordChangeQuery 

func IsPasswordChangeQuery(sql string) bool

IsPasswordChangeQuery checks if a query attempts to modify user/role passwords.

func IsWriteQuery 

func IsWriteQuery(sql string) bool

IsWriteQuery checks if a query is a write operation.

func ValidateMySQLQuery added in v0.7.0 

func ValidateMySQLQuery(sql string, grant *store.Grant) error

ValidateMySQLQuery runs shared validation plus MySQL-specific blocked patterns.

func ValidateOracleQuery 

func ValidateOracleQuery(sql string, grant *store.Grant) error

ValidateOracleQuery runs shared validation plus Oracle-specific blocked patterns.

func ValidateQuery 

func ValidateQuery(sql string, grant *store.Grant) error

ValidateQuery checks SQL against grant controls. Used by both PG and Oracle proxies.

Types

type CountingConn added in v0.10.0 

type CountingConn struct {
	net.Conn
	// contains filtered or unexported fields
}

CountingConn wraps a net.Conn and atomically tracks the number of bytes read from and written to it. The two counters live outside the wrapper so a session can share them across multiple wrapped conns (e.g. client and upstream): writes to one direction on one wrapper match reads from the same direction on the other.

Total() is safe to call concurrently with Read/Write — useful for taking per-query snapshots while the proxy is mid-stream.

func NewCountingConn added in v0.10.0 

func NewCountingConn(conn net.Conn, bytesRead, bytesWritten *atomic.Int64) *CountingConn

NewCountingConn wraps conn so Read accumulates into bytesRead and Write accumulates into bytesWritten. Either counter may be nil to disable that direction (rare; the typical caller passes both).

func (*CountingConn) Read added in v0.10.0 

func (c *CountingConn) Read(p []byte) (int, error)

Read implements net.Conn. Successful byte counts are added to the read counter even when the call returns an error (n > 0 with err is a valid outcome on a closing conn — those bytes did cross the wire).

func (*CountingConn) Write added in v0.10.0 

func (c *CountingConn) Write(p []byte) (int, error)

Write implements net.Conn with the same byte-counting semantics as Read.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.