feat(ste_vec): add jsonb parameter variants for containment functions #160
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Enable indexing on eql_v2_encrypted columns without needing function helpers
…on-workflow EQL: remove zero-downtime migration workflow
…data jsonb accessors return with metadata
fix: drop eql schema on install
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
Co-authored-by: Copilot <[email protected]>
PR_BYPASS: out of date docs with new customer onboardings beginning
Co-authored-by: Lindsay Holmwood <[email protected]>
Verify that containment queries use Seq Scan before index creation and switch to using the GIN index after creation. Exports explain_query and assert_uses_seq_scan helpers to support this test pattern.
SQL examples using undefined 'search_value' variable would cause "column does not exist" errors if copied verbatim. Changed to $1 placeholder to indicate query parameter usage. Fixes common issue identified by dual-verification review.
Documentation fixes (from cross-checked verification): - E1-1: Add integer -> operator documentation for array indexing - E1-2: Clarify sv/ste_vec is a storage field, not an index term type - E1-3: Correct ->> return type from "ciphertext" to "encrypted value as text" - E1-4: Document ste_vec(jsonb) overload alongside ste_vec(eql_v2_encrypted) - E1-5: Add note about -> vs ->> operator asymmetry (integer index support) Rust lint fixes: - Apply cargo fmt formatting to lib.rs and containment_with_index_tests.rs
feat(ste_vec): add GIN-indexable containment using jsonb arrays
Add overloaded variants of jsonb_contains and jsonb_contained_by that accept mixed types (eql_v2_encrypted, jsonb) to support queries where one operand is an encrypted column and the other is plain JSONB. New functions: - jsonb_contains(eql_v2_encrypted, jsonb) - jsonb_contains(jsonb, eql_v2_encrypted) - jsonb_contained_by(eql_v2_encrypted, jsonb) - jsonb_contained_by(jsonb, eql_v2_encrypted)
Update get_ste_vec_encrypted and add get_ste_vec_sv_element to return serde_json::Value instead of String. This: - Aligns Postgres jsonb type with Rust serde_json::Value - Avoids double-quoting issues with embedded apostrophes - Allows programmatic JSON inspection without extra parsing - Callers use .to_string() when a literal is needed Updated existing tests to use ::jsonb cast instead of ::eql_v2_encrypted since the helper now returns just the .data field (JSONB portion).
These tests expose a bug in jsonb_contains - partial containment (searching for a single sv element) doesn't work correctly. Tests verify: - Single sv element should be found in its parent row - GIN index should be used for partial containment queries - Element should match exactly one row
Tests verify that containment works with prepared statements using sqlx .bind() in addition to literal string substitution.
Tests verify jsonb_contains(encrypted, jsonb) and jsonb_contained_by(jsonb, encrypted) work with partial containment (single sv elements).
Replace with simpler literal-based tests that don't use subqueries. The new tests are clearer and test with both literal values and parameterized statements.
Consolidate from 17 tests to 4 base tests. Removes 13 redundant jsonb_contains(encrypted, jsonb) variations. Next commit will add focused tests covering all 6 operator/type combinations.
Enables encrypted-to-encrypted containment tests by providing a helper to fetch two distinct encrypted values from the same table.
Final cleanup: 10 focused tests covering all 6 operator/type combinations plus 2 sanity tests and 2 helper validation tests. Coverage matrix complete: - jsonb_contains(encrypted, jsonb_param) ✓ - jsonb_contains(encrypted, encrypted) ✓ - jsonb_contains(jsonb_param, encrypted) ✓ - jsonb_contained_by(encrypted, jsonb_param) ✓ - jsonb_contained_by(encrypted, encrypted) ✓ - jsonb_contained_by(jsonb_param, encrypted) ✓
- Remove unnecessary .to_string() calls in format args - Remove redundant serde_json import
tobyhede
force-pushed
the
jsonb-contains-variants
branch
from
eb02139 to
66fad9f
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
jsonb_containsandjsonb_contained_bythat accept mixed types (eql_v2_encrypted,jsonb)New Functions
jsonb_contains(eql_v2_encrypted, jsonb)jsonb_contains(jsonb, eql_v2_encrypted)jsonb_contained_by(eql_v2_encrypted, jsonb)jsonb_contained_by(jsonb, eql_v2_encrypted)Test plan