fix(policy): move action sub queries to CTE in sm list and match sql #2369
Conversation
github-actions
bot
added
comp:db
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hello @strantalis, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!
Summary of Changes
Hello team, Gemini here with a summary of this pull request. This PR focuses on optimizing the database queries used for listing and matching subject mappings within the policy service. The primary change involves refactoring the SQL queries to replace subqueries fetching associated actions with a Common Table Expression (CTE). This approach is generally favored for potentially improving query performance and readability, especially when the same subquery logic is repeated or when the results of the subquery are needed multiple times within the main query. The Go code interacting with these queries has also been updated to correctly handle the data structure returned by the refactored queries. Additionally, there are minor changes to a test file and a comment update in a model struct.
Highlights
- SQL Query Optimization: The
listSubjectMappingsandmatchSubjectMappingsSQL queries inquery.sqlhave been refactored to use asubject_actionsCTE. This CTE pre-calculates the standard and custom actions associated with each subject mapping, allowing the main query to join with it instead of executing subqueries for each row. - Go Code Updates: The Go functions
ListSubjectMappingsandGetMatchedSubjectMappingsinsubject_mappings.gohave been updated to correctly process the action data returned by the refactored SQL queries. This includes explicitly marshaling the action data (which comes back asinterface{}) into JSON bytes before unmarshalling it into the expected protobuf structure. - Test File Refactoring: The integration test file
subject_mappings_test.gohad its test suite setup functionTestSubjectMappingSuitemoved from the end of the file to the beginning for better organization. - Model Comment Update: A clarifying comment was added to the
SelectorValuesfield in theSubjectConditionSetstruct inmodels.goto explain its purpose and how it's maintained.
Changelog
- service/integration/subject_mappings_test.go
- Moved the
TestSubjectMappingSuitefunction definition from the end of the file to the beginning (added lines 61-66, removed lines 1774-1779).
- Moved the
- service/policy/db/models.go
- Added a comment to the
SelectorValuesfield in theSubjectConditionSetstruct to clarify its purpose (updated line 379).
- Added a comment to the
- service/policy/db/query.sql
- Refactored the
listSubjectMappingsquery to introduce asubject_actionsCTE for fetching actions and updated the mainSELECTandGROUP BYclauses to use the CTE (added lines 1215-1228, removed lines 1221-1232, updated lines 1235-1236, updated lines 1252-1264). - Refactored the
matchSubjectMappingsquery to introduce thesubject_actionsCTE for fetching actions and updated the mainSELECTandGROUP BYclauses to use the CTE (added lines 1297-1310, removed lines 1286-1297, updated lines 1314-1315, updated lines 1339-1343).
- Refactored the
- service/policy/db/subject_mappings.go
- Updated
ListSubjectMappingsto explicitly marshal action data frominterface{}to JSON bytes before unmarshalling (added lines 407-417, updated line 408). - Updated
GetMatchedSubjectMappingsto explicitly marshal action data frominterface{}to JSON bytes before unmarshalling (added lines 571-581, updated line 560).
- Updated
Using Gemini Code Assist
The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.
Invoking Gemini
You can request assistance from Gemini at any point in your pull request via creating an issue comment (i.e. comment on the pull request page) using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands.
| Feature | Command | Description |
|---|---|---|
| Code Review | /gemini review |
Performs a code review for the current pull request in its current state. |
| Pull Request Summary | /gemini summary |
Provides a summary of the current pull request in its current state. |
| Comment | @gemini-code-assist | Responds in comments when explicitly tagged, both in issue comments and review comments. |
| Help | /gemini help |
Displays a list of available commands. |
Customization
To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.
Limitations & Feedback
Gemini Code Assist is currently in preview and may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments to provide feedback.
You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.
SQL queries run,
Subqueries were the way,
Now CTEs shine.
Footnotes
-
Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩
There was a problem hiding this comment.
Code Review
This pull request refactors the SQL queries for listSubjectMappings and matchSubjectMappings to use Common Table Expressions (CTEs) for fetching associated actions. This is a good improvement for query readability and potentially for performance. The Go code in service/policy/db/subject_mappings.go has been correctly adapted to handle the changes in data types returned by sqlc for these modified queries.
Overall, the changes are positive. The main point to address is confirming the test coverage for these modifications.
Summary of Findings
- SQL Query Refactoring: The use of Common Table Expressions (CTEs) in
listSubjectMappingsandmatchSubjectMappingsto aggregate actions is a good improvement. It enhances query readability and can sometimes offer performance benefits over correlated subqueries. This was not commented on directly due to review settings. - SQL GROUP BY Clauses: The
GROUP BYclauses in the modified SQL queries have been updated to explicitly include all non-aggregated columns from theSELECTlist that are involved in constructing JSON objects. This is good practice for clarity and correctness. This was not commented on directly due to review settings. - SQL Style: The change from
truetoTRUEin SQLWHEREclauses is a minor stylistic improvement, aligning with standard SQL keyword casing. This was not commented on directly due to review settings. - Model Documentation: The comment for
SelectorValuesinservice/policy/db/models.gohas been updated to be more descriptive, which is a good documentation improvement. This was not commented on directly due to review settings. - Test File Organization: The
TestSubjectMappingSuitefunction inservice/integration/subject_mappings_test.gowas moved to an earlier position in the file. This is a minor organizational change. This was not commented on directly due to review settings.
Merge Readiness
The pull request introduces beneficial refactoring to SQL queries and necessary adaptations in the Go code. However, before merging, it's important to address the test coverage. The checklist items for tests in the PR description are unchecked, and confirmation is needed regarding whether existing tests are sufficient or if updates/new tests are required for these changes. I recommend addressing the testing aspect before this PR is merged. As an AI, I am not authorized to approve pull requests.
🤖 I have created a release *beep* *boop* --- ## [0.6.0](service/v0.5.5...service/v0.6.0) (2025-06-06) ### Features * **authz:** DSPX-894 auth svc registered resource GetEntitlement support ([#2358](#2358)) ([a199aa7](a199aa7)) * **authz:** improve v2 request proto validation ([#2357](#2357)) ([f927b99](f927b99)) * **core:** DSPX-608 - Deprecate public_client_id ([#2185](#2185)) ([0f58efa](0f58efa)) * **policy:** Return Simple Kas Keys from non-Key RPCs ([#2387](#2387)) ([5113e0e](5113e0e)) * **policy:** Unique name for the key provider. ([#2391](#2391)) ([bb58b78](bb58b78)) * **policy:** Update simple kas key ([#2378](#2378)) ([09d8239](09d8239)) ### Bug Fixes * **deps:** bump github.com/opentdf/platform/protocol/go from 0.3.6 to 0.4.0 in /service ([#2399](#2399)) ([1c6fa75](1c6fa75)) * **deps:** bump the external group across 1 directory with 21 updates ([#2401](#2401)) ([3d0d4d1](3d0d4d1)) * **policy:** move action sub queries to CTE in sm list and match sql ([#2369](#2369)) ([0fd6feb](0fd6feb)) * **policy:** protovalidate deprecated action types and removal of gRPC gateway in subject mappings svc ([#2377](#2377)) ([54a6de0](54a6de0)) * **policy:** remove gRPC gateway in policy except where needed ([#2382](#2382)) ([1937acb](1937acb)) * **policy:** remove support for creation/updation of SubjectMappings with deprecated proto actions ([#2373](#2373)) ([3660200](3660200)) --- This PR was generated with [Release Please](https://github.com/googleapis/release-please). See [documentation](https://github.com/googleapis/release-please#release-please). Co-authored-by: opentdf-automation[bot] <149537512+opentdf-automation[bot]@users.noreply.github.com>
Proposed Changes
Checklist
Testing Instructions