Data Management (DMS) integrates the SQL review optimization feature into security rules. After you submit SQL statements for data change or on the SQLConsole tab, DMS reviews the submitted SQL statements based on the specifications in security rules and offers optimization suggestions. This topic shows you how to configure security rules for reviewing SQL statements and perform data change.

Overview

Security rules contain default SQL review rules. For example, the table must contain remarks, a NULL value cannot be inserted into a NOT NULL column in the INSERT statement, and the names of fields in the INSERT statement cannot be duplicated.

When developers submit SQL statements, the SQL review optimization feature reviews the submitted SQL statements and checks whether the table properties, column properties, index properties, data query rules, and data change rules meet the requirements. This helps database administrators (DBAs) review the submitted SQL statements and improves the quality of R&D. For more information, see SQL review optimization.

Preparations

  • Create a table named migration_job. You can use the following SQL statement to create the table:
    CREATE TABLE `migration_job` (
      `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'Primary key',
      `gmt_create` datetime NOT NULL COMMENT 'Creation time',
      `ref_id` bigint(20) unsigned NOT NULL COMMENT '',
      PRIMARY KEY (`id`)
    ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='Test';
  • If a database instance is managed in Security Collaboration mode, you can create a custom security rule set and associate the instance with the security rule set that you create. For more information, see Create security rules and Change the security rules of a database instance.

Step 1: Configure security rules

  1. Log on to the DMS console.
  2. In the top navigation bar, move the pointer over the More icon and choose System > Security Rules. The Security Rules tab appears.
  3. Find the security rule set that you want to modify and click Edit in the Actions column.
    SQL review optimization: Edit a security rule
  4. In the left-side pane of the Details tab, click the SQL audit optimization recommendations tab.
  5. Find the rule named Table must have primary key and click Edit in the Actions column.
    Edit an SQL review rule
    Note You can click the Filter icon icon to the right of Tag, Behavioral action, or Status to filter rules. The Tag parameter specifies the scope within which a rule is effective. A rule can apply to data definition language (DDL) statements and data manipulation language (DML) statements that are used to insert, delete, update, or query data. The Status parameter specifies whether a rule is enabled or disabled.
  6. In the Rule content configuration dialog box, set the parameters as required. The following table describes the parameters.
    Rule content configuration
    Parameter Description
    Behavioral action In this example, set the Behavioral action parameter to Must Improve.
    Note Default SQL review rules in DMS do not contain Must Improve. For more information about the Behavioral action parameter, see Behavioral actions.
    Remarks Enter the description of the behavioral action for this rule, such as the background information.
  7. Click OK.
    The SQL review optimization feature checks the validity of SQL statements based on the configured security rules during the development process.

Step 2: Change data

After you configure the security rules, submit a ticket to change data.

  1. Log on to the DMS console.
  2. In the top navigation bar, move the pointer over the More icon and choose Data Plans > Normal Data Modify.
  3. On the Data Change Ticket Application tab, set the parameters as required and click Submit.
    Note For more information about the parameters, see Table 1.
    • Select the database instance that is associated with the security rule set that you have configured.
    • Execute the following SQL statements for data change:
      CREATE TABLE test1 ( 
          id bigint COMMENT 'id', 
          name varchar(60) COMMENT 'name'
      ) DEFAULT CHARSET = utf8mb4 COLLATE utf8mb4_bin ENGINE = INNODB;
      
      INSERT INTO migration_job(id, ref_id, gmt_create, gmt_create) 
      VALUES(1, null, now(), now());
    Submit a data change ticket
  4. After you submit the ticket, DMS checks whether your configurations are valid based on the security rules that are configured in Step 1.
    The SQL review optimization feature reviews the submitted statements and returns suggestions. In this example, the following suggestions are returned: One item must be improved, two potential issues exist, and one item can be improved.
  5. Click View Details. Move the pointer over the items in the SQL Review column to view details.
    Item 1
  6. Click SQL Statements for Modification. Optimize the SQL statements based on the suggestions and click Confirm Change.
    You can modify the statements by performing the following operations:
    • In the CREATE TABLE statement, add a primary key and remarks for the test1 table.
    • In the INSERT statement, remove the duplicate field named gmt_create and insert values for the ref_id field.
    The following SQL statements are obtained after modification:
    CREATE TABLE test1 (
        id bigint PRIMARY KEY COMMENT 'id',
        name varchar(60) COMMENT  'name'
    ) DEFAULT  CHARSET = utf8mb4 COLLATE  utf8mb4_bin ENGINE = INNODB  COMMENT  = 'Remarks';
    INSERT INTO migration_job(id, ref_id, gmt_create) VALUES(1, 2, now());
  7. DMS reviews the SQL statements again.
    The statements pass the review. The statements pass the review
  8. Click Submit for Approval and wait for approval.
    After approval, a task is generated.
  9. Click Execute Change. In the Task Settings dialog box, set the parameters as required and click Confirm Execution. The following table describes the parameters.
    Note If you set the Execution Method parameter to After Audit Approved, Auto Execute in the Apply step, this step is automatically skipped.
    Parameter Description
    Execute Immediately Specifies whether to run the task immediately or at a scheduled time.
    • Running immediately: DMS immediately runs the task after you submit the task.
    • Schedule: DMS runs the task at a specified time.
    Default value: Running immediately.
    Transaction Control Specifies whether to enable transaction control.
    • on: If an SQL statement fails to be executed, all the executed data manipulation language (DML) statements are rolled back. Data definition language (DDL) statements cannot be rolled back.
    • off: The SQL statements are executed one by one. If an SQL statement fails to be executed, the task stops running. The executed statements are not rolled back.
    Default value: off.
    Data Backup Specifies whether to back up data.
    • on: DMS generates INSERT scripts to back up the data that will be affected when UPDATE or DELETE statements are executed.
    • off: DMS does not generate backup files.
    Default value: on.

What to do next

After the task is run, you can click Details to view operations logs that contain detailed information such as SQL statements, the execution duration, and scheduling details.