Skip to main content

On referential integrity

At my place of employment we have a table that looks like this:

CREATE TABLE permissions (
    id character(40) NOT NULL,
    userid character(40) REFERENCES USERS(id),
    objectid character(40) NOT NULL,
    permission character varying(15) NOT NULL
);
Note that objectid isn't a foreign key to anything. (Before I joined there was no foreign key declared for userid, either.) That is because in this schema, everything gets a unique char(40) ID, and for flexibility the designer wanted to use the same permissions storage for all tables in the database.

(The fix for this, BTW, would involve creating an "objects" table that simply held all the IDs in the system and have that referenced by both the objects tables and any table like this one that wants to be able to reference "any object." I haven't done that yet, but I'll be moving that up on my priority list now.)

About a month ago, after suitable testing, I ran an upgrade script against our live database that went something like this:

CREATE TABLE alerttypes_old AS SELECT * FROM alerttypes;
DROP TABLE alerrtypes;
-- create new table
-- insert into new table massaged data from _old

As it happens, alerttypes is one of the tables that we are interested in permissions for. I forgot to delete the appropriate entries corresponding to the old rows, but worse, I forgot to create new ones for the new alerttypes.

What makes this more surprising is that the developer who reviewed the script missed this too. But that is what happens when you don't have proper integrity constraints: sooner or later, you're going to be restoring from backup. Even if you're a smart guy. Even if you test first (on several machines). Even if you have code reviews.

Incidently, I have seen people leave out FK constraints (or drop the ones I added -- grr!) to accomodate series of statements that temporarily violate the constraint, but eventually (in theory) leave things in a correct state. The correct course here is to put your related statements in a transaction (a good idea anyway), and tell your database to check constraints when the transaction ends, not before. For postgresql, that looks like this:

acs=# begin work;
BEGIN
acs=# SET CONSTRAINTS ALL DEFERRED;
SET CONSTRAINTS
-- ...

Comments

Popular posts from this blog

Python at Mozy.com

At my day job, I write code for a company called Berkeley Data Systems. (They found me through this blog, actually. It's been a good place to work.) Our first product is free online backup at mozy.com . Our second beta release was yesterday; the obvious problems have been fixed, so I feel reasonably good about blogging about it. Our back end, which is the most algorithmically complex part -- as opposed to fighting-Microsoft-APIs complex, as we have to in our desktop client -- is 90% in python with one C extension for speed. We (well, they, since I wasn't at the company at that point) initially chose Python for speed of development, and it's definitely fulfilled that expectation. (It's also lived up to its reputation for readability, in that the Python code has had 3 different developers -- in serial -- with very quick ramp-ups in each case. Python's succinctness and and one-obvious-way-to-do-it philosophy played a big part in this.) If you try it out, pleas

A week of Windows Subsystem for Linux

I first experimented with WSL2 as a daily development environment two years ago. Things were still pretty rough around the edges, especially with JetBrains' IDEs, and I ended up buying a dedicated Linux workstation so I wouldn't have to deal with the pain.  Unfortunately, the Linux box developed a heat management problem, and simultaneously I found myself needing a beefier GPU than it had for working on multi-vector encoding , so I decided to give WSL2 another try. Here's some of the highlights and lowlights. TLDR, it's working well enough that I'm probably going to continue using it as my primary development machine going forward. The Good NVIDIA CUDA drivers just work. I was blown away that I ran conda install cuda -c nvidia and it worked the first try. No farting around with Linux kernel header versions or arcane errors from nvidia-smi. It just worked, including with PyTorch. JetBrains products work a lot better now in remote development mod

A review of 6 Python IDEs

(March 2006: you may also be interested the updated review I did for PyCon -- http://spyced.blogspot.com/2006/02/pycon-python-ide-review.html .) For September's meeting, the Utah Python User Group hosted an IDE shootout. 5 presenters reviewed 6 IDEs: PyDev 0.9.8.1 Eric3 3.7.1 Boa Constructor 0.4.4 BlackAdder 1.1 Komodo 3.1 Wing IDE 2.0.3 (The windows version was tested for all but Eric3, which was tested on Linux. Eric3 is based on Qt, which basically means you can't run it on Windows unless you've shelled out $$$ for a commerical Qt license, since there is no GPL version of Qt for Windows. Yes, there's Qt Free , but that's not exactly production-ready software.) Perhaps the most notable IDEs not included are SPE and DrPython. Alas, nobody had time to review these, but if you're looking for a free IDE perhaps you should include these in your search, because PyDev was the only one of the 3 free ones that we'd consider using. And if you aren