Skip to content

Add support for View Refresh operation #25906

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: master
Choose a base branch
from
Open

Add support for View Refresh operation #25906

wants to merge 3 commits into from
+939 −0

Conversation

Praveen2112
Copy link
Member

@Praveen2112 Praveen2112 commented Jun 2, 2025
edited
Loading

Description

We introduce a new syntax to perform the refresh operation on a view definition - i.e say if we create a view on an existing table like CREATE VIEW v1 AS SELECT * FROM table_1 and if the table_1 has a schema changes like adding or dropping a column then the view is unaccessible and we need to run CREATE OR REPLACE VIEW ... to update the view definition - instead on running CREATE OR REPLACE VIEW ... we add support for ALTER VIEW ... REFRESH which gets the view definition, analyzes and refreshes view object accordingly.

Additional context and related issues

Release notes

( ) This is not user-visible or is docs only, and no release notes are required.
( ) Release notes are required. Please propose a release note for me.
(x) Release notes are required, with the following suggested text:

## General
* Add support for view refresh operation. ({issue}`issuenumber`)

## Memory
* Add support for view refresh operation. ({issue}`issuenumber`)

@cla-bot cla-bot bot added the cla-signed label Jun 2, 2025
@github-actions github-actions bot added the memory Memory connector label Jun 2, 2025
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch 3 times, most recently from d4d2432 to 8379d8d Compare June 3, 2025 12:04
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from 8379d8d to ace74e7 Compare June 23, 2025 11:10
@github-actions github-actions bot added iceberg Iceberg connector delta-lake Delta Lake connector hive Hive connector labels Jun 23, 2025
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch 6 times, most recently from 711e3aa to 60c99de Compare June 23, 2025 13:06
@Praveen2112 Praveen2112 marked this pull request as ready for review June 23, 2025 13:45
@Praveen2112 Praveen2112 requested a review from Copilot June 23, 2025 14:11
Copilot
Copilot AI reviewed Jun 23, 2025
View reviewed changes
Copy link

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds a new SQL command ALTER VIEW ... REFRESH to update view definitions when underlying tables change, along with full parser, analyzer, execution, security, metadata, and connector support.

  • Introduce RefreshView AST node, parser rule, and SQL formatter.
  • Implement RefreshViewTask for execution and hook into metadata, tracing, and access control.
  • Add connector behavior flag SUPPORTS_REFRESH_VIEW, tests across in-memory and other connectors.

Reviewed Changes

Copilot reviewed 45 out of 45 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
testing/trino-testing/src/main/java/io/trino/testing/TestingConnectorBehavior.java Add SUPPORTS_REFRESH_VIEW flag
testing/trino-testing/src/main/java/io/trino/testing/BaseConnectorTest.java Add testRefreshView integration test
service/trino-verifier/src/main/java/io/trino/verifier/VerifyCommand.java Map RefreshView to MODIFY query type
plugin/trino-memory/src/main/java/io/trino/plugin/memory/MemoryMetadata.java Implement refreshView in memory connector
plugin/trino-iceberg/src/test/java/io/trino/plugin/iceberg/BaseIcebergConnectorTest.java Disable refresh view behavior for Iceberg
plugin/trino-hive/src/test/java/io/trino/plugin/hive/BaseHiveConnectorTest.java Disable refresh view behavior for Hive
plugin/trino-hive/src/main/java/io/trino/plugin/hive/security/SqlStandardAccessControl.java Add checkCanRefreshView
plugin/trino-delta-lake/src/test/java/io/trino/plugin/deltalake/TestDeltaLakeConnectorTest.java Disable refresh view behavior for Delta Lake
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/ForwardingSystemAccessControl.java Forward checkCanRefreshView
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/ForwardingConnectorAccessControl.java Forward checkCanRefreshView
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/FileBasedSystemAccessControl.java Implement checkCanRefreshView for file-based system ACL
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/FileBasedAccessControl.java Implement checkCanRefreshView for file-based connector ACL
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/AllowAllSystemAccessControl.java No-op checkCanRefreshView
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/security/AllowAllAccessControl.java No-op checkCanRefreshView
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/classloader/ClassLoaderSafeConnectorMetadata.java Delegate refreshView under classloader
lib/trino-plugin-toolkit/src/main/java/io/trino/plugin/base/classloader/ClassLoaderSafeConnectorAccessControl.java Delegate checkCanRefreshView under classloader
core/trino-spi/src/main/java/io/trino/spi/security/SystemAccessControl.java Add default checkCanRefreshView
core/trino-spi/src/main/java/io/trino/spi/security/AccessDeniedException.java Add denyRefreshView methods
core/trino-spi/src/main/java/io/trino/spi/connector/ConnectorMetadata.java Define default refreshView stub
core/trino-spi/src/main/java/io/trino/spi/connector/ConnectorAccessControl.java Define default checkCanRefreshView stub
core/trino-parser/src/test/java/io/trino/sql/parser/TestSqlParser.java Add parser test for ALTER VIEW ... REFRESH
core/trino-parser/src/test/java/io/trino/sql/TestSqlFormatter.java Add formatter test for RefreshView
core/trino-parser/src/main/java/io/trino/sql/tree/RefreshView.java New AST node for RefreshView
core/trino-parser/src/main/java/io/trino/sql/tree/AstVisitor.java Add visitor method for RefreshView
core/trino-parser/src/main/java/io/trino/sql/parser/AstBuilder.java Parse refreshView rule to AST
core/trino-parser/src/main/java/io/trino/sql/SqlFormatter.java SQL formatter for RefreshView
core/trino-main/src/test/java/io/trino/metadata/AbstractMockMetadata.java Stub refreshView to throw in mock metadata
core/trino-main/src/test/java/io/trino/execution/TestRefreshViewTask.java Unit tests for RefreshViewTask
core/trino-main/src/test/java/io/trino/execution/BaseDataDefinitionTaskTest.java Setup schema for view refresh task tests
core/trino-main/src/main/java/io/trino/util/StatementUtils.java Map RefreshView to RefreshViewTask
core/trino-main/src/main/java/io/trino/tracing/TracingMetadata.java Trace refreshView calls
core/trino-main/src/main/java/io/trino/tracing/TracingConnectorMetadata.java Trace connector refreshView
core/trino-main/src/main/java/io/trino/tracing/TracingAccessControl.java Trace checkCanRefreshView
core/trino-main/src/main/java/io/trino/sql/analyzer/StatementAnalyzer.java Scope assignment for RefreshView
core/trino-main/src/main/java/io/trino/server/QueryExecutionFactoryModule.java Bind RefreshViewTask
core/trino-main/src/main/java/io/trino/security/InjectedConnectorAccessControl.java Inject checkCanRefreshView into connector ACL
core/trino-main/src/main/java/io/trino/security/ForwardingAccessControl.java Forward checkCanRefreshView in access control
core/trino-main/src/main/java/io/trino/security/DenyAllAccessControl.java Deny-all checkCanRefreshView implementation
core/trino-main/src/main/java/io/trino/security/AllowAllAccessControl.java Allow-all checkCanRefreshView implementation
core/trino-main/src/main/java/io/trino/security/AccessControlManager.java Wire up system & catalog checkCanRefreshView
core/trino-main/src/main/java/io/trino/security/AccessControl.java Add interface method checkCanRefreshView
core/trino-main/src/main/java/io/trino/metadata/MetadataManager.java Invoke connector refreshView
core/trino-main/src/main/java/io/trino/metadata/Metadata.java Interface method refreshView
core/trino-main/src/main/java/io/trino/execution/RefreshViewTask.java New task to refresh view definitions
core/trino-grammar/src/main/antlr4/io/trino/grammar/sql/SqlBase.g4 Add refreshView grammar rule

ebyhr
ebyhr reviewed Jun 24, 2025
View reviewed changes
kasiafi
kasiafi reviewed Jun 24, 2025
View reviewed changes
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from 60c99de to 48fa4a9 Compare July 15, 2025 12:51
@Praveen2112 Praveen2112 requested a review from ebyhr July 15, 2025 12:52
@Praveen2112 Praveen2112 requested review from kasiafi and marcinsbd July 15, 2025 12:52
@Praveen2112
Copy link
Member Author

@ebyhr , @kasiafi , @marcinsbd Thanks a lot for the review. AC

@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch 2 times, most recently from 9778a24 to ef836ed Compare July 17, 2025 05:45
ebyhr
ebyhr approved these changes Jul 18, 2025
View reviewed changes
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from ef836ed to 38a558b Compare July 18, 2025 15:25
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from 38a558b to c6df88c Compare July 18, 2025 15:27
@Praveen2112
Copy link
Member Author

@ebyhr Thanks a lot for the review. AC

kasiafi
kasiafi approved these changes Jul 21, 2025
View reviewed changes
core/trino-main/src/main/java/io/trino/execution/RefreshViewTask.java

accessControl.checkCanRefreshView(session.toSecurityContext(), viewName);

Identity identity = session.getIdentity();
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think that ideally the view definition should always be refreshed by the same identity that initially created the view.
I understand it is not possible in the current model because we don't keep this information for the "run as invoker" views. Refreshing the view by the same identity who would run the view is the second best option imo.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to retain the secuirty mode for refresh like we do for execution - Ideally the same could be enforced via access control mechansim as well.

Refreshing the view by the same identity who would run the view is the second best option imo.

Can you explain it a bit.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would like to retain the secuirty mode for refresh like we do for execution

It is not obvious to me that we should refresh in the same mode as we execute the view.
To keep the view semantics as close to the original as possible, we should re-define it as the original creator. This is not always possible though, since we lose the original creator info in case of the "run as invoker" views.
I think that ideally we should decouple the view creator from the "run as identity". For now, we can just refresh as the "executing" identity. What do you think?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To keep the view semantics as close to the original as possible, we should re-define it as the original creator.

I agree with this - we should redfine it via the owner identity.

For now, we can just refresh as the "executing" identity. What do you think?

But it wouldn;t work for the definer views right ? Let’s say if we have an access to the table only for the owner and accessing/refreshing via executing identity might not fail to refresh the views.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed. The refresh can fail when run by a non-owner. I was thinking of a hypothetical situation when the view semantics actually differs for the owner and the executing identity -- for example if there was a mechanism to hide some columns from some users. If a random user refreshed the view, everyone would get their subset of columns.

This is why I said we should always refresh as the owner.
Do you know what it takes to do so?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

for example if there was a mechanism to hide some columns from some users

But the same would happen for executing the views as well right ? Today a user could create a view SELECT * ... which has 10 columns with invoker mode and now when another user praveen access them it would fail with column mismatch. It is more of an invoker mode limitation which is being seen here.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Agreed, I think we're getting to the same point. I the owner refreshes the view, we get the original intended semantics. If another user refreshes the view, they will impose their semantics not only for themselves but also for everyone who will execute that view later.

Regarding the current implementation: the view is refreshed

  • by the owner for "definer" views
  • by the current identity for "invoker" views

We want it to be always the owner. But the issue is that for "invoker" views we don't know who the owner is.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We want it to be always the owner. But the issue is that for "invoker" views we don't know who the owner is.

Yes - either we need to disable refreshing those views and maybe we could set authorization to set the owner and run them once again.

@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from c6df88c to aed5d37 Compare July 21, 2025 20:50
chenjian2664
chenjian2664 reviewed Jul 22, 2025
View reviewed changes
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch 2 times, most recently from aede571 to e7a4afb Compare July 22, 2025 08:03
@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from e7a4afb to fbe4d82 Compare July 23, 2025 11:37
@Praveen2112
Copy link
Member Author

@kasiafi / @chenjian2664 Thanks a lot for the review. AC

@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from fbe4d82 to d426175 Compare July 24, 2025 06:31
@Praveen2112
Copy link
Member Author

@ebyhr / @kasiafi I did an additional test coverage for refreshing views with access control. PTAL.

@Praveen2112 Praveen2112 force-pushed the praveen/view_refresh branch from d426175 to 7ad3d42 Compare July 24, 2025 07:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chenjian2664 chenjian2664 chenjian2664 left review comments

Copilot code review Copilot Copilot left review comments

@ebyhr ebyhr ebyhr approved these changes

@kasiafi kasiafi kasiafi approved these changes

@ssheikin ssheikin Awaiting requested review from ssheikin

@krvikash krvikash Awaiting requested review from krvikash

@pajaks pajaks Awaiting requested review from pajaks

@marcinsbd marcinsbd Awaiting requested review from marcinsbd

Assignees
No one assigned
Labels
cla-signed delta-lake Delta Lake connector hive Hive connector iceberg Iceberg connector memory Memory connector syntax-needs-review
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@Praveen2112 @ebyhr @chenjian2664 @kasiafi @marcinsbd