Skip to content

Commit c74a4b5

Browse files
committed
feat(proxy): forward all automatic parameters to proxy upstream consistently (v3.18.1)
When an endpoint is a proxy, all server-filled parameters now forward to the upstream through one unified path: user claims, IP address, HTTP Custom Type fields, and resolved-parameter expressions. Placement mirrors the endpoint's own signature, NOT the HTTP verb: - a @body_parameter_name param carries the raw request body; - otherwise RequestParamType decides — QueryString appends to the proxy query string, BodyJson merges into the proxy JSON body (typed: numbers / booleans / embedded json / strings) when the method carries a body. Additive: the verbatim incoming request is still forwarded; the automatic params are added on top so the upstream receives the same parameter set the routine would. The previous claim/IP-only query append in BuildTargetUrl is removed and folded into the unified mechanism. Behavior change: claims/IP now follow RequestParamType (unchanged for GET/QueryString — still query; for BodyJson endpoints they now go to the body). Notes: body merge only for JSON content types (multipart/non-JSON forwarded verbatim); only expanded per-field HTTP-type params forwarded. Tests cover GET-query, POST-body (typed), param_type-query on POST, and resolved-param forwarding; existing claim/IP proxy tests pass unchanged. Full suite green (2288). See changelog/v3.18.1.md. Also adds a Claude Code skill bundle (.claude/skills/npgsqlrest/) — a usage guide plus full annotation and configuration references generated from --annotations/--config — and a README section on installing it.
1 parent e036f3d commit c74a4b5

10 files changed

Lines changed: 4066 additions & 36 deletions

File tree

.claude/skills/npgsqlrest/SKILL.md

Lines changed: 238 additions & 0 deletions
Large diffs are not rendered by default.
Lines changed: 355 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,355 @@
1+
# NpgsqlRest — Full Annotation Reference
2+
3+
Every comment annotation, generated from `npgsqlrest --annotations` (NpgsqlRest v3.18.1).
4+
Annotations apply to both endpoint sources (database routines via `comment on`, and `.sql` files via leading `--` comments). The `@` prefix is optional. Regenerate with `npgsqlrest --annotations`.
5+
6+
## `http`
7+
8+
- **Aliases:** http
9+
- **Syntax:** `http [GET|POST|PUT|DELETE] [path]`
10+
11+
Enable endpoint and configure HTTP method and/or path. Required (for HTTP exposure) when CommentsMode is OnlyAnnotated (or its alias OnlyWithHttpTag).
12+
13+
## `path`
14+
15+
- **Aliases:** path
16+
- **Syntax:** `path <url_path>`
17+
18+
Override the endpoint URL path.
19+
20+
## `param_type`
21+
22+
- **Aliases:** request_param_type, param_type
23+
- **Syntax:** `param_type [query_string|query|body_json|body]`
24+
25+
Set request parameter type to query string or JSON body.
26+
27+
## `authorize`
28+
29+
- **Aliases:** authorize, authorized, requires_authorization
30+
- **Syntax:** `authorize [role1, role2, ...]`
31+
32+
Require authorization, optionally restricting to specific roles.
33+
34+
## `allow_anonymous`
35+
36+
- **Aliases:** allow_anonymous, anonymous, allow_anon, anon
37+
- **Syntax:** `allow_anonymous`
38+
39+
Allow unauthenticated access to this endpoint.
40+
41+
## `login`
42+
43+
- **Aliases:** login, signin
44+
- **Syntax:** `login`
45+
46+
Mark endpoint as a login/authentication endpoint.
47+
48+
## `logout`
49+
50+
- **Aliases:** logout, signout
51+
- **Syntax:** `logout`
52+
53+
Mark endpoint as a logout endpoint.
54+
55+
## `raw`
56+
57+
- **Aliases:** raw, raw_mode, raw_results
58+
- **Syntax:** `raw`
59+
60+
Return raw results without JSON formatting.
61+
62+
## `separator`
63+
64+
- **Aliases:** separator, raw_separator
65+
- **Syntax:** `separator <value>`
66+
67+
Set the value separator for raw mode output.
68+
69+
## `new_line`
70+
71+
- **Aliases:** new_line, raw_new_line
72+
- **Syntax:** `new_line <value>`
73+
74+
Set the line separator for raw mode output.
75+
76+
## `columns`
77+
78+
- **Aliases:** columns, names, column_names
79+
- **Syntax:** `columns`
80+
81+
Include column names as the first row in raw output.
82+
83+
## `buffer_rows`
84+
85+
- **Aliases:** buffer_rows, buffer
86+
- **Syntax:** `buffer_rows <number>`
87+
88+
Set the number of rows to buffer before sending response.
89+
90+
## `cached`
91+
92+
- **Aliases:** cached
93+
- **Syntax:** `cached [param1, param2, ...]`
94+
95+
Enable response caching, optionally specifying cache key parameters.
96+
97+
## `cache_expires`
98+
99+
- **Aliases:** cache_expires, cache_expires_in
100+
- **Syntax:** `cache_expires <interval>`
101+
102+
Set cache expiration time (PostgreSQL interval format).
103+
104+
## `cache_profile`
105+
106+
- **Aliases:** cache_profile
107+
- **Syntax:** `cache_profile <name>`
108+
109+
Select a named cache profile defined in CacheOptions.Profiles. The profile supplies the cache backend, default expiration, default key parameters, and per-parameter skip conditions. Implies caching even without @cached. Existing @cached and @cache_expires annotations override the profile's defaults. Unknown profile names cause startup to fail.
110+
111+
## `connection_name`
112+
113+
- **Aliases:** connection, connection_name
114+
- **Syntax:** `connection_name <name>`
115+
116+
Use a specific named connection string for this endpoint.
117+
118+
## `timeout`
119+
120+
- **Aliases:** command_timeout, timeout
121+
- **Syntax:** `timeout <interval>`
122+
123+
Set command execution timeout (PostgreSQL interval format).
124+
125+
## `request_headers_mode`
126+
127+
- **Aliases:** request_headers_mode, request_headers
128+
- **Syntax:** `request_headers [ignore|context|parameter]`
129+
130+
Control how HTTP request headers are passed to the routine.
131+
132+
## `request_headers_parameter_name`
133+
134+
- **Aliases:** request_headers_parameter_name, request_headers_param_name, request-headers-param-name
135+
- **Syntax:** `request_headers_parameter_name <name>`
136+
137+
Set the parameter name for request headers when mode is parameter.
138+
139+
## `body_parameter_name`
140+
141+
- **Aliases:** body_parameter_name, body_param_name
142+
- **Syntax:** `body_parameter_name <name>`
143+
144+
Set the parameter name for the JSON body content.
145+
146+
## `response_null_handling`
147+
148+
- **Aliases:** response_null_handling, response_null
149+
- **Syntax:** `response_null [empty_string|null_literal|no_content|204]`
150+
151+
Control how NULL return values are rendered in responses.
152+
153+
## `query_string_null_handling`
154+
155+
- **Aliases:** query_string_null_handling, query_null_handling, query_string_null, query_null
156+
- **Syntax:** `query_null [empty_string|null_literal|ignore]`
157+
158+
Control how NULL query string parameters are handled.
159+
160+
## `security_sensitive`
161+
162+
- **Aliases:** sensitive, security, security_sensitive
163+
- **Syntax:** `security_sensitive`
164+
165+
Mark endpoint as security-sensitive (suppresses logging of parameters).
166+
167+
## `user_context`
168+
169+
- **Aliases:** user_context
170+
- **Syntax:** `user_context`
171+
172+
Pass authenticated user context to the routine via connection settings.
173+
174+
## `user_parameters`
175+
176+
- **Aliases:** user_parameters, user_params
177+
- **Syntax:** `user_parameters`
178+
179+
Map user claims to routine parameters.
180+
181+
## `upload`
182+
183+
- **Aliases:** upload
184+
- **Syntax:** `upload [for handler1, handler2, ...]`
185+
186+
Enable file upload for this endpoint, optionally specifying upload handlers.
187+
188+
## `param`
189+
190+
- **Aliases:** parameter, param
191+
- **Syntax:** `param <name> is hash of <other_name> | param <name> is upload metadata | param <original> <new_name> [type] | param <original> is <new_name> [type]`
192+
193+
Configure parameter behavior: hash computation, upload metadata binding, or rename/retype. Rename forms: 'param $1 user_id', 'param $1 user_id integer', 'param $1 is user_id', 'param _old_name better_name'. Works on all endpoint types.
194+
195+
## `sse_path`
196+
197+
- **Aliases:** sse, sse_path, sse_events_path
198+
- **Syntax:** `sse_path [path] [on info|notice|warning]`
199+
200+
Enable Server-Sent Events streaming with optional path and notice level.
201+
202+
## `sse_level`
203+
204+
- **Aliases:** sse_level, sse_events_level
205+
- **Syntax:** `sse_level [info|notice|warning]`
206+
207+
Set the PostgreSQL notice level for SSE events.
208+
209+
## `sse_scope`
210+
211+
- **Aliases:** sse_scope, sse_events_scope
212+
- **Syntax:** `sse_scope [all|authorize|matching] [role1, role2, ...]`
213+
214+
Set the broadcast scope for SSE events.
215+
216+
## `basic_auth`
217+
218+
- **Aliases:** basic_authentication, basic_auth
219+
- **Syntax:** `basic_auth [username] [password]`
220+
221+
Enable HTTP Basic Authentication for this endpoint.
222+
223+
## `basic_auth_realm`
224+
225+
- **Aliases:** basic_authentication_realm, basic_auth_realm, realm
226+
- **Syntax:** `basic_auth_realm <realm>`
227+
228+
Set the authentication realm for Basic Auth challenges.
229+
230+
## `basic_auth_command`
231+
232+
- **Aliases:** basic_authentication_command, basic_auth_command, challenge_command
233+
- **Syntax:** `basic_auth_command <sql_command>`
234+
235+
Set a custom SQL command for Basic Auth credential validation.
236+
237+
## `retry_strategy`
238+
239+
- **Aliases:** retry_strategy_name, retry_strategy, retry
240+
- **Syntax:** `retry_strategy <name>`
241+
242+
Apply a named retry strategy for transient database errors.
243+
244+
## `rate_limiter`
245+
246+
- **Aliases:** rate_limiter_policy_name, rate_limiter_policy, rate_limiter
247+
- **Syntax:** `rate_limiter <policy_name>`
248+
249+
Apply a named rate limiting policy to this endpoint.
250+
251+
## `error_code_policy`
252+
253+
- **Aliases:** error_code_policy_name, error_code_policy, error_code
254+
- **Syntax:** `error_code_policy <name>`
255+
256+
Apply a named error code mapping policy for PostgreSQL error codes.
257+
258+
## `validate`
259+
260+
- **Aliases:** validate, validation
261+
- **Syntax:** `validate <param_name> using <rule_name>`
262+
263+
Add parameter validation using a named validation rule.
264+
265+
## `proxy`
266+
267+
- **Aliases:** proxy, reverse_proxy
268+
- **Syntax:** `proxy [GET|POST|PUT|DELETE|PATCH] [host_url]`
269+
270+
Configure endpoint as a reverse proxy.
271+
272+
## `proxy_out`
273+
274+
- **Aliases:** proxy_out, forward_proxy
275+
- **Syntax:** `proxy_out [GET|POST|PUT|DELETE|PATCH] [host_url]`
276+
277+
Execute function first, then forward result body to upstream proxy service.
278+
279+
## `nested_json`
280+
281+
- **Aliases:** nested, nested_json, nested_composite
282+
- **Syntax:** `nested_json`
283+
284+
Serialize composite type columns as nested JSON objects.
285+
286+
## `tags`
287+
288+
- **Aliases:** for, tags, tag
289+
- **Syntax:** `for tag1, tag2, ...`
290+
291+
Filter endpoint availability by tags.
292+
293+
## `disabled`
294+
295+
- **Aliases:** disabled
296+
- **Syntax:** `disabled [tag1, tag2, ...]`
297+
298+
Disable this endpoint, optionally only for specific tags.
299+
300+
## `enabled`
301+
302+
- **Aliases:** enabled
303+
- **Syntax:** `enabled [tag1, tag2, ...]`
304+
305+
Enable this endpoint, optionally only for specific tags.
306+
307+
## `internal`
308+
309+
- **Aliases:** internal, internal_only
310+
- **Syntax:** `internal`
311+
312+
Mark endpoint as internal-only. Not exposed as an HTTP route, only accessible via self-referencing calls (proxy, HTTP client types).
313+
314+
## `encrypt`
315+
316+
- **Aliases:** encrypt, encrypted, protect, protected
317+
- **Syntax:** `encrypt [param1, param2, ...]`
318+
319+
Encrypt parameter values using the default data protector before sending to PostgreSQL. Without arguments, encrypts all text parameters.
320+
321+
## `decrypt`
322+
323+
- **Aliases:** decrypt, decrypted, unprotect, unprotected
324+
- **Syntax:** `decrypt [column1, column2, ...]`
325+
326+
Decrypt result column values using the default data protector before returning to the client. Without arguments, decrypts all text columns.
327+
328+
## `custom_parameter`
329+
330+
- **Aliases:**
331+
- **Syntax:** `key = value`
332+
333+
Define a custom parameter as key-value pair (separated by =).
334+
335+
## `header`
336+
337+
- **Aliases:**
338+
- **Syntax:** `Header-Name: header-value`
339+
340+
Add a response header (separated by :).
341+
342+
## `resultN`
343+
344+
- **Aliases:** result1, result2, result3
345+
- **Syntax:** `resultN <name> | resultN is <name>`
346+
347+
Rename a result key in multi-command SQL file responses. N is the 1-based command index. Example: '@result1 validate' renames the first result from 'result1' to 'validate'. SQL file source only.
348+
349+
## `define_param`
350+
351+
- **Aliases:** define_param
352+
- **Syntax:** `define_param <name> [type]`
353+
354+
Define a virtual parameter that exists for HTTP matching and claim mapping but is NOT bound to the PostgreSQL command. Useful for SQL file endpoints where you need parameters for comment placeholders or claim mapping without referencing them in SQL. Default type is text. SQL file source only.
355+

0 commit comments

Comments
 (0)