search

asyncer-io / r2dbc-mysql

Reactive Relational Database Connectivity for MySQL. The official successor to mirromutth/r2dbc-mysql(dev.miku:r2dbc-mysql).
https://r2dbc.io
Apache License 2.0
184 stars 18 forks source link

Add `LOCAL INFILE` support #215

Closed mirromutth closed 5 months ago

mirromutth commented 5 months ago

Motivation:

Add LOCAL INFILE support.

See also #206 .

Modification:

Result:

Query LOCAL INFILE support.

mirromutth commented 5 months ago

Hi, @jchrys @JohnNiang

In JDBC-MySQL, allowLoadLocalInfileInPath will work only if allowLoadLocalInfile=false. The allowLoadLocalInfile option means "allow LOAD DATA LOCAL INFILE and allow it to load file data from any path". It seems to be for historical reasons.

For example:

In my opinion, r2dbc-mysql should make allowLoadLocalInfile just mean "allow LOAD DATA LOCAL INFILE", and that can be restricted by loadLocalInfileInPath. Which means, loadLocalInfileInPath will work only if allowLoadLocalInfile=true, and all LOCAL INFILE can only read files in the path.

For example:

This prevents users from accidentally setting up unrestricted file access.

Or we can make it the same as JDBC.

Any ideas?

jchrys commented 5 months ago

I agree with your idea but would like to suggest a slightly different approach.

What if we consider not supporting the allowLoadLocalInfile property? (or keep (jdbc version of)allowLoadLocalInfile = false)

I think that the property allowLoadLocalInfileInPath={path} could effectively convey the user's intentions(allowLoadLocalInfileInPath=/ for unrestricted case as well).

What are your thoughts on this?