Feat/secondary indexes #12

Merged: jonathanmagambo merged 2 commits into main from feat/secondary-indexes on Mar 8, 2026

@jonathanmagambo
Collaborator

PR: Secondary Indexes & Secure Joins (with RLS Enforcement)

Component: crates/storage, crates/query, crates/server

Branch: feat/secondary-indexes

Summary

This is a major feature PR introducing secondary indexing capabilities for fast field-lookups and "Safe Joins" for relational traversals. Crucially, it also implements strict Row-Level Security (RLS) enforcement for all list and query operations.

Key Changes

  • Secondary Indexing:
    • Implemented a dedicated _indexes table in redbx to store field-to-ID mappings.
    • Added high-performance MessagePack field extractor (extract_field_raw) with a 64-depth recursion guard to prevent DoS attacks.
  • Safe Joins:
    • New POST /v1/_query endpoint allowing local BFS traversal of related collections.
    • Joins are executed directly on the memory-mapped B-Tree for sub-1ms latencies.
  • RLS Enforcement (Critical):
    • Implemented a fetch-filter-loop in the API layer for list_docs and query_docs.
    • Every document is authorized against Cedar policies before being returned.
    • Secure cursor logic: next_cursor always points to the last scanned B-Tree document to prevent record leakage or skipping.
  • DoS Mitigation: Hardened the MessagePack extractor with recursion limits to prevent stack overflow panics from malicious payloads.

Verification Results

  • All 44 tests in the workspace (storage, query, and server) pass.
  • Verified RLS filtering in integration tests.
  • Verified DoS fix with deeply nested payloads.

- Added `extract_field_raw` for zero-allocation MessagePack field extraction.
- Introduced `IndexRegistry` to natively manage secondary indexes.
- Wired atomic MVCC index updates during `insert`, `update_doc`, and `delete`.
- Flattened pagination params to handle dynamic `where[field]` intercept routing.
- Implemented `POST /v1/_query` relational BFS executor with N+1 B-Tree traversals.
- Designed `JoinQuery` AST in `forge-types` enforcing max depth caps.
@jonathanmagambo jonathanmagambo merged commit 8c14dfc into main Mar 8, 2026
2 checks passed
@jonathanmagambo jonathanmagambo deleted the feat/secondary-indexes branch March 8, 2026 01:55
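
The fetch-filter-loop and cursor rule described under "RLS Enforcement", as an added example that is not code from this PR or the project. `Doc`, `Page`, `list_page`, `collect_all`, the `max_scan` budget and the sample data are hypothetical; a `BTreeMap` stands in for the storage engine and a closure stands in for the Cedar policy check.

```rust
use std::collections::BTreeMap;
use std::ops::Bound::{Excluded, Unbounded};

// Constructed stand-in for a stored document; `owner` is what the policy check reads.
#[derive(Clone, Debug, PartialEq)]
pub struct Doc { pub id: u64, pub owner: &'static str }

pub struct Page { pub docs: Vec<Doc>, pub next_cursor: Option<u64> }

/// Scan keys after `cursor` in order and return only documents `authorize` allows
/// (assumption: a closure in place of Cedar). Assumes `limit` and `max_scan` are >= 1.
pub fn list_page(store: &BTreeMap<u64, Doc>, cursor: Option<u64>, limit: usize,
                 max_scan: usize, authorize: impl Fn(&Doc) -> bool) -> Page {
    let lower = cursor.map_or(Unbounded, Excluded);
    let mut docs = Vec::new();
    let mut last_scanned = cursor;
    let mut scanned = 0;
    for (&id, doc) in store.range((lower, Unbounded)) {
        if docs.len() == limit || scanned == max_scan {
            // More keys remain: resume after the last key examined, whether or
            // not that document was returned, so nothing is skipped or rescanned.
            return Page { docs, next_cursor: last_scanned };
        }
        scanned += 1;
        last_scanned = Some(id);
        if authorize(doc) { docs.push(doc.clone()); } // filter before returning
    }
    Page { docs, next_cursor: None } // reached the end of the collection
}

// Constructed sample data: ids 1..=8, three of them owned by "alice".
pub fn sample_store() -> BTreeMap<u64, Doc> {
    let owners = ["alice", "bob", "bob", "alice", "bob", "alice", "bob", "bob"];
    owners.iter().enumerate()
        .map(|(i, &owner)| (i as u64 + 1, Doc { id: i as u64 + 1, owner }))
        .collect()
}

// Follow next_cursor until the scan is exhausted; returns every id the caller received.
pub fn collect_all(store: &BTreeMap<u64, Doc>, user: &str, limit: usize, max_scan: usize) -> Vec<u64> {
    let (mut seen, mut cursor) = (Vec::new(), None);
    loop {
        let page = list_page(store, cursor, limit, max_scan, |d| d.owner == user);
        seen.extend(page.docs.iter().map(|d| d.id));
        match page.next_cursor { Some(c) => cursor = Some(c), None => return seen }
    }
}

fn main() { println!("{:?}", collect_all(&sample_store(), "alice", 2, 3)); }
```

A page can come back short or empty while `next_cursor` is still set, so callers keep paging until the cursor is absent rather than stopping at the first short page.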