1

Chapter 7System Aspects of SQL

SQL in a Programming EnvironmentTransactionsAuthorization

2

7.1 SQL in a Programming Environment

Host Languages: Any conventional language can be a host

language, that is, a language in which SQL calls are embedded.

The use of a host/SQL combination allows us to do anything computable, yet still get the very-high-level SQL interface to the database.

3

7.1.1 Embedded SQL

Key idea: Use a preprocessor to turn SQL statements into procedure calls that fit with the host-language code surrounding.

All embedded SQL statements begin with EXEC SQL, so the preprocessor can find them easily.

4

Alwaysneeded

Shared Variables

To connect SQL and the host-language program, the two parts must share some variables.

Declarations of shared variables are bracketed by:

EXEC SQL BEGIN DECLARE SECTION;

<host-language declarations>

EXEC SQL END DECLARE SECTION;

5

Use of Shared Variables In SQL, the shared variables must be preceded

by a colon. They may be used as constants provided by the

host-language program. They may get values from SQL statements and pass

those values to the host-language program. In the host language, shared variables behave

like any other variable.

6

Example: C Plus SQL——Insert a new studio

void printNetWorth() {

EXEC SQL BEGIN DECLARE SECTION;

char char studioName[15];

int presNetWorth;

char SQLSTATE[6];

EXEC SQL END DECLARE SECTION;

/* print request that studio name and address be entered and read response into variables studioName and studioAddr */

EXEC SQL INSERT INTO Studio(name,address)

VALUES(:studioName, :studioAddr);

}

7

Cursor Statements

Declare a cursor c with:

EXEC SQL DECLARE c CURSOR FOR <query>; Open and close cursor c with:

EXEC SQL OPEN CURSOR c;

EXEC SQL CLOSE CURSOR c; Fetch from c by:

EXEC SQL FETCH c INTO <variable(s)>; Macro NOT FOUND is true if and only if the FETCH

fails to find a tuple.

8

7.1.2 Dynamic SQL Most applications use specific queries and

modification statements in their interaction with the database. Thus, we can compile the EXEC SQL … statements

into specific procedure calls and produce an ordinary host-language program that uses a library.

What if the program is something like a generic query interface, that doesn’t know what it needs to do until it runs?

9

Two steps for Dynamic SQL

1) Preparing a query:EXEC SQL PREPARE <query-name>

FROM <text of the query>;

2) Executing a query:EXEC SQL EXECUTE <query-name>; “Prepare” = optimize query. Prepare once, execute many times.

10

Example: A Generic Interface

EXEC SQL BEGIN DECLARE SECTION;char query[MAX_LENGTH];

EXEC SQL END DECLARE SECTION;while(1) {

/* issue SQL> prompt *//* read user’s query into array query */EXEC SQL PREPARE q FROM :query;EXEC SQL EXECUTE q;

}q is an SQL variablerepresenting the optimizedform of whatever statementis typed into :query

11

7.2 Transactions7.2.1/2 Serializability & Atomicity

Database systems are normally being accessed by many users or processes at the same time.(e.g. Airline reservations) Both queries and modifications.

Unlike Operating Systems, which support interaction of processes, a DMBS needs to keep processes from troublesome interactions.(e.g. Banking)

12

Example: Bad Interaction

You and your spouse each take $100 from different ATM’s at about the same time. The DBMS better make sure one account

deduction doesn’t get lost.

Compare: An OS allows two people to edit a document at the same time. If both write, one’s changes get lost.

13

7.2.3 Transactions

A transaction is a collection of one or more operations on the database that must be executed atomically, that is, either all operations are performed or none are.

14

ACID Transactions

A DBMS is expected to support “ACID transactions,” which are: Atomic: Either the whole process is done or none is. Consistent: Database constraints are preserved. Isolated: It appears to the user as if only one process

executes at a time. Durable: Effects of a process do not get lost if the

system crashes.

15

Transactions in SQL

SQL supports transactions, often behind the scenes. Each statement issued at the generic query

interface is a transaction by itself. In programming interfaces like Embedded SQL

or PSM, a transaction begins the first time an SQL statement is executed and ends with the program or an explicit end.

16

COMMIT

The SQL statement COMMIT causes a transaction to complete. It’s database modifications are now permanent

in the database.

17

ROLLBACK

The SQL statement ROLLBACK also causes the transaction to end, but by aborting. No effects on the database.

Failures like division by 0 can also cause rollback, even if the programmer does not request it.

18

7.4 Authorization

A file system identifies certain privileges on the objects (files) it manages. Typically read, write, execute.

A file system identifies certain participants to whom privileges may be granted. Typically the owner, a group, all users.

19

Privileges --- 1

SQL identifies a more detailed set of privileges on objects (relations) than the typical file system.

Nine privileges in all, some of which can be restricted to one column of one relation.

20

Privileges --- 2

Some important privileges on a relation:1. SELECT = right to query the relation.

2. INSERT = right to insert tuples. May apply to only one attribute.

3. DELETE = right to delete tuples.

4. UPDATE = right to update tuples. May apply to only one attribute.

21

Example: Privileges

For the statement below:INSERT INTO Studio(name)

SELECT DISTINCT studioNameFROM Movie

WHERE studioName NOT IN (SELECT name FROM Studio);

We require privileges INSERT on Studio and SELECT on Studio and Movie.

22

Authorization ID’s

A user is referred to by authorization ID, typically their name.

There is an authorization ID PUBLIC. Granting a privilege to PUBLIC makes it

available to any authorization ID.

23

Granting Privileges

You have all possible privileges on the objects, such as relations, that you create.

You may grant privileges to other users (authorization ID’s), including PUBLIC.

You may also grant privileges WITH GRANT OPTION, which lets the grantee also grant this privilege.

24

The GRANT Statement

To grant privileges, say:

GRANT <list of privileges>

ON <relation or other object>

TO <list of authorization ID’s>; If you want the recipient(s) to be able to

pass the privilege(s) to others add:

WITH GRANT OPTION

25

Example: GRANT

Suppose you are the owner of Studio. You may say:

GRANT SELECT, INSERT

ON Studio

TO kirk,picard;

26

Example: Grant Option

Suppose we also grant:

GRANT SELECT, INSERT

ON Studio

TO kirk, picard; Now, kirk and picard can not only select or

insert any attribute of Studio, but can grant to others the privilege SELECT and INSERT on Studio.

27

Revoking Privileges To revoke privileges, say:

REVOKE <list of privileges>

ON <relation or other object>

FROM <list of authorization ID’s>; Your grant of these privileges can no longer be

used by these users to justify their use of the privilege. But they may still have the privilege because they

obtained it independently from elsewhere.

28

REVOKE Options We must append to the REVOKE statement

either:1. CASCADE. Now, any grants made by a

revokee are also not in force, no matter how far the privilege was passed.

2. RESTRICT. If the privilege has been passed to others, the REVOKE fails as a warning that something else must be done to “chase the privilege down.”

29

Summary Embedded SQL: write programs that embed

SQL queries in a conventional host language. Dynamic SQL: the host program may create

character strings that are interpreted by the SQL system and executed.

Transaction: Atomic, Consistent, Isolated, Durable.

Privileges: by using GRANT and REVOKE.

30

Exercises

Required reading: 7.2, 7.4, Summary Recommend reading: 7.1