TODO:
--- Ordered by priority ---
SubQueriesBasic support has been implemented- Need more tests
CTEsResolversNeed to evaluate path forward, Temp tables VS literal subqueries- Went with temp tables, implemented basic version, we can always do the other one if we need it.
- Plugin systems
- Plugin is a bit of a misnomer here, this is more of a module system. There are configurable slots and you can plugin in modules to the slots, this is more for core maintainers of Alchemancer than end users. We utilize this paradigm to enable support for like top level features that have different underlying implementation details
- JSON query support
- Rule system to allow/deny access to fields based on user roles
- Query cataloguing logic (Handle computing hashs for a query so you can catalogue them by hash. Hashing implementation should focus on query shape and strip out params)
- Query permissions system
- This is a rule system that allows you to define rules for which tables and columns are accessible based on user roles / permissions. You can use this system to restrict access to certain tables or columns based on the user's role.
- Query limiting configuration
- This is a configuration system that allows implementors to specify default limits for certain models in their database to prevent returning too much data.
- User Docs
- Implementer Docs
- Tutorials
- FastAPI example
- Django example
- Flask example
Required Features:
| Temp Tables | CTE / Literal Subquery | |||
|---|---|---|---|---|
| Postgres | ✔ ️ | |||
| Sqlite | ? | |||
| MySQL | ✔ | |||
| MsSql | ✔ | |||
| Oracle | ✔ |
| JSON | |
|---|---|
| Postgres | ✔ ️ |
| Sqlite | ✔ |
| MySQL | ✔ |
| MsSql | ✔ |
| Oracle | ✔ |
---> Core (alchemancer)
|
|------Postgres (alchemancer[postgres]) ----|---------- Flask (Pure Sqlalchemy)
|------Sqlite (alchemancer[sqlite]) --------|
|------MySQL (alchemancer[mysql]) ----------|---------- Django
|------MsSql (alchemancer[mssql]) ----------|
|------Oracle (alchemancer[oracle]) --------|---------- FastAPI
flowchart TD
A[SqlAlchemy]
AA[Alchemancer Core]
AAH[Alchemancer Core Plugin Hooks]
P[Postgres]
M[Mysql]
S[Sqlite]
O[Oracle]
MS[Microsoft SQL Server]
AP[Alchemancer Postgres]
AM[Alchemancer Mysql]
AS[Alchemancer Sqlite]
AO[Alchemancer Oracle]
AMS[Alchemancer Microsoft SQL Server]
U[User Application]
C[Custom User Plugins]
US[User Query Endpoint]
P -->|#1 Support| AP
M -->|#2 Support| AM
S -->|#3 Support| AS
O -->|#5 Support| AO
MS -->|#4 Support| AMS
AP --> AAH
AM --> AAH
AS --> AAH
AO --> AAH
AMS --> AAH
A --> AA --> U --> US
U -->|Custom sqlalchemy functions, resolvers, etc| C --> AAH
AAH --> AA
- Does this library expose my database connection info to clients?
- No, the library does not expose any database connection info to clients. The library is designed to be used in a server-side application where the database connection info is kept secure and not exposed to clients.
- Does this library expose the ability to insert, update or delete records in my database?
- No, this library is only designed to expose read-only access to your database. The library does not provide any functionality for inserts, updates or deletes. If that is needed please use sqlalchemy directly.
- How do I prevent users from accessing certain tables or columns?
- The library provides a rule system that allows you to define rules for which tables and columns are accessible based on user roles. You can use this system to restrict access to certain tables or columns based on the user's role.
- How do I prevent DOS attacks when using this library?
- There will be a query limit configuration system that allows implementors to specify default limits for certain models in their database to prevent returning too much data.
- You should also consider leveraging authorization, authentication and rate limiting on your API endpoints to prevent DOS attacks.