Work on general purpose JSONB support #14
Conversation
| SELECT * FROM users WHERE attrs @> '{"field": "value"}`; | ||
| ``` | ||
| #### `cs_ste_term_v1(val JSONB, epath TEXT)` |
There was a problem hiding this comment.
Could we make epath here json/jsonb as well? The motivation is that the JSON value would include all the info needed for generating the MAC so that Proxy doesn't need to sort out the table, column, etc based by looking at anything other than the param or literal used for the arg.
I think that we could aim to target text in SM2, but using JSON here similar to how encryption already works for other EQL functions would simplify the Proxy (MLP) logic.
There was a problem hiding this comment.
Also, what's the return type of cs_ste_term_v1 ? ore_64_8_v1?
There was a problem hiding this comment.
Yeah, I think for now that makes the most sense. I considered adding a variant of cs_ste_term_v1 which also takes a term type so we can handle other types of index terms but for now this should be enough. Does that sounds reasonable?
| } | ||
| ``` | ||
|
|
||
| `$.firstName` returns `[John]` |
There was a problem hiding this comment.
Why is the returned value in an array?
There was a problem hiding this comment.
Just to keep the same behaviour as standard JSONPath.
I used https://jsonpath.com/
| ```rb | ||
| # Serialize a JSONB value bound to the users table column | ||
| term = User::ENCRYPTED_JSONB.serialize({field: "value"}) | ||
| User.where("cs_ste_vec_v1(attrs) @> cs_ste_vec_v1(?)", term) | ||
| ``` | ||
|
|
||
| Which will execute on the server as: | ||
|
|
||
| ```sql | ||
| SELECT * FROM users WHERE cs_ste_vec_v1(attrs) @> '53T8dtvW4HhofDp9BJnUkw'; | ||
| ``` | ||
|
|
||
| And is the EQL equivalent of the following plaintext query. | ||
|
|
||
| ```sql | ||
| SELECT * FROM users WHERE attrs @> '{"field": "value"}`; | ||
| ``` |
There was a problem hiding this comment.
I really like this framing
|
Note to self: add the things that the simplified, eJSON path doesn't support. |
Work on general purpose JSONB support
No description provided.