Add SECURITY DEFINER/INVOKER parsing for PostgreSQL functions.

fmguerreiro · fmguerreiro · commit d85fe748dfaf · 2025-12-25T14:44:58.000+09:00
diff --git a/src/ast/ddl.rs b/src/ast/ddl.rs
@@ -44,7 +44,7 @@ use crate::ast::{
     ArgMode, AttachedToken, CommentDef, ConditionalStatements, CreateFunctionBody,
     CreateFunctionUsing, CreateTableLikeKind, CreateTableOptions, CreateViewParams, DataType, Expr,
     FileFormat, FunctionBehavior, FunctionCalledOnNull, FunctionDesc, FunctionDeterminismSpecifier,
-    FunctionParallel, HiveDistributionStyle, HiveFormat, HiveIOFormat, HiveRowFormat,
+    FunctionParallel, FunctionSecurity, HiveDistributionStyle, HiveFormat, HiveIOFormat, HiveRowFormat,
     HiveSetLocation, Ident, InitializeKind, MySQLColumnPosition, ObjectName, OnCommit,
     OneOrManyWithParens, OperateFunctionArg, OrderByExpr, ProjectionSelect, Query, RefreshModeKind,
     RowAccessPolicy, SequenceOptions, Spanned, SqlOption, StorageSerializationPolicy, TableVersion,
@@ -3226,6 +3226,10 @@ pub struct CreateFunction {
     ///
     /// [PostgreSQL](https://www.postgresql.org/docs/current/sql-createfunction.html)
     pub parallel: Option<FunctionParallel>,
+    /// SECURITY DEFINER | SECURITY INVOKER
+    ///
+    /// [PostgreSQL](https://www.postgresql.org/docs/current/sql-createfunction.html)
+    pub security: Option<FunctionSecurity>,
     /// USING ... (Hive only)
     pub using: Option<CreateFunctionUsing>,
     /// Language used in a UDF definition.
@@ -3292,6 +3296,9 @@ impl fmt::Display for CreateFunction {
         if let Some(parallel) = &self.parallel {
             write!(f, " {parallel}")?;
         }
+        if let Some(security) = &self.security {
+            write!(f, " {security}")?;
+        }
         if let Some(remote_connection) = &self.remote_connection {
             write!(f, " REMOTE WITH CONNECTION {remote_connection}")?;
         }
diff --git a/src/ast/mod.rs b/src/ast/mod.rs
@@ -8822,6 +8822,26 @@ impl fmt::Display for FunctionParallel {
     }
 }
 
+/// SECURITY DEFINER | SECURITY INVOKER
+///
+/// [PostgreSQL](https://www.postgresql.org/docs/current/sql-createfunction.html)
+#[derive(Debug, Clone, PartialEq, PartialOrd, Eq, Ord, Hash)]
+#[cfg_attr(feature = "serde", derive(Serialize, Deserialize))]
+#[cfg_attr(feature = "visitor", derive(Visit, VisitMut))]
+pub enum FunctionSecurity {
+    Definer,
+    Invoker,
+}
+
+impl fmt::Display for FunctionSecurity {
+    fn fmt(&self, f: &mut fmt::Formatter) -> fmt::Result {
+        match self {
+            FunctionSecurity::Definer => write!(f, "SECURITY DEFINER"),
+            FunctionSecurity::Invoker => write!(f, "SECURITY INVOKER"),
+        }
+    }
+}
+
 /// [BigQuery] Determinism specifier used in a UDF definition.
 ///
 /// [BigQuery]: https://cloud.google.com/bigquery/docs/reference/standard-sql/data-definition-language#syntax_11
diff --git a/src/parser/mod.rs b/src/parser/mod.rs
@@ -5260,6 +5260,7 @@ impl<'a> Parser<'a> {
             function_body: Option<CreateFunctionBody>,
             called_on_null: Option<FunctionCalledOnNull>,
             parallel: Option<FunctionParallel>,
+            security: Option<FunctionSecurity>,
             options: Vec<SqlOption>,
         }
         let mut body = Body::default();
@@ -5339,6 +5340,15 @@ impl<'a> Parser<'a> {
                     first_value
                 };
                 body.options.push(SqlOption::KeyValue { key: name, value });
+            } else if self.parse_keyword(Keyword::SECURITY) {
+                ensure_not_set(&body.security, "SECURITY DEFINER | SECURITY INVOKER")?;
+                if self.parse_keyword(Keyword::DEFINER) {
+                    body.security = Some(FunctionSecurity::Definer);
+                } else if self.parse_keyword(Keyword::INVOKER) {
+                    body.security = Some(FunctionSecurity::Invoker);
+                } else {
+                    return self.expected("DEFINER or INVOKER", self.peek_token());
+                }
             } else if self.parse_keyword(Keyword::RETURN) {
                 ensure_not_set(&body.function_body, "RETURN")?;
                 body.function_body = Some(CreateFunctionBody::Return(self.parse_expr()?));
@@ -5357,6 +5367,7 @@ impl<'a> Parser<'a> {
             behavior: body.behavior,
             called_on_null: body.called_on_null,
             parallel: body.parallel,
+            security: body.security,
             language: body.language,
             function_body: body.function_body,
             if_not_exists: false,
@@ -5398,6 +5409,7 @@ impl<'a> Parser<'a> {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             language: None,
             determinism_specifier: None,
             options: None,
@@ -5480,6 +5492,7 @@ impl<'a> Parser<'a> {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
         }))
     }
 
@@ -5569,6 +5582,7 @@ impl<'a> Parser<'a> {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
         }))
     }
 
diff --git a/tests/sqlparser_bigquery.rs b/tests/sqlparser_bigquery.rs
@@ -2294,6 +2294,7 @@ fn test_bigquery_create_function() {
             remote_connection: None,
             called_on_null: None,
             parallel: None,
+            security: None,
         })
     );
 
diff --git a/tests/sqlparser_mssql.rs b/tests/sqlparser_mssql.rs
@@ -266,6 +266,7 @@ fn parse_create_function() {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             using: None,
             language: None,
             determinism_specifier: None,
@@ -439,6 +440,7 @@ fn parse_create_function_parameter_default_values() {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             using: None,
             language: None,
             determinism_specifier: None,
diff --git a/tests/sqlparser_postgres.rs b/tests/sqlparser_postgres.rs
@@ -4294,6 +4294,7 @@ $$"#;
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::DollarQuotedString(DollarQuotedString {value: "\nBEGIN\n    IF str1 <> str2 THEN\n        RETURN TRUE;\n    ELSE\n        RETURN FALSE;\n    END IF;\nEND;\n".to_owned(), tag: None})).with_empty_span()
@@ -4335,6 +4336,7 @@ $$"#;
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::DollarQuotedString(DollarQuotedString {value: "\nBEGIN\n    IF int1 <> 0 THEN\n        RETURN TRUE;\n    ELSE\n        RETURN FALSE;\n    END IF;\nEND;\n".to_owned(), tag: None})).with_empty_span()
@@ -4380,6 +4382,7 @@ $$"#;
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::DollarQuotedString(DollarQuotedString {value: "\nBEGIN\n    IF a <> b THEN\n        RETURN TRUE;\n    ELSE\n        RETURN FALSE;\n    END IF;\nEND;\n".to_owned(), tag: None})).with_empty_span()
@@ -4425,6 +4428,7 @@ $$"#;
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::DollarQuotedString(DollarQuotedString {value: "\nBEGIN\n    IF int1 <> int2 THEN\n        RETURN TRUE;\n    ELSE\n        RETURN FALSE;\n    END IF;\nEND;\n".to_owned(), tag: None})).with_empty_span()
@@ -4463,6 +4467,7 @@ $$"#;
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::DollarQuotedString(DollarQuotedString {
@@ -4504,6 +4509,7 @@ fn parse_create_function() {
             behavior: Some(FunctionBehavior::Immutable),
             called_on_null: Some(FunctionCalledOnNull::Strict),
             parallel: Some(FunctionParallel::Safe),
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::SingleQuotedString("select $1 + $2;".into())).with_empty_span()
@@ -4562,6 +4568,7 @@ fn parse_create_function_c_with_module_pathname() {
             behavior: Some(FunctionBehavior::Immutable),
             called_on_null: None,
             parallel: Some(FunctionParallel::Safe),
+            security: None,
             function_body: Some(CreateFunctionBody::AsBeforeOptions {
                 body: Expr::Value(
                     (Value::SingleQuotedString("MODULE_PATHNAME".into())).with_empty_span()
@@ -4674,6 +4681,59 @@ AS $$ BEGIN RETURN event; END; $$"#;
     }
 }
 
+#[test]
+fn parse_create_function_with_security_definer() {
+    let sql = r#"CREATE FUNCTION public.my_func() RETURNS void LANGUAGE sql SECURITY DEFINER AS $$ SELECT 1 $$"#;
+
+    let stmt = pg().verified_stmt(sql);
+    match stmt {
+        Statement::CreateFunction(CreateFunction { name, security, .. }) => {
+            assert_eq!(name.to_string(), "public.my_func");
+            assert_eq!(security, Some(FunctionSecurity::Definer));
+        }
+        _ => panic!("Expected CreateFunction"),
+    }
+}
+
+#[test]
+fn parse_create_function_with_security_invoker() {
+    let sql = r#"CREATE FUNCTION public.my_func() RETURNS void LANGUAGE sql SECURITY INVOKER AS $$ SELECT 1 $$"#;
+
+    let stmt = pg().verified_stmt(sql);
+    match stmt {
+        Statement::CreateFunction(CreateFunction { name, security, .. }) => {
+            assert_eq!(name.to_string(), "public.my_func");
+            assert_eq!(security, Some(FunctionSecurity::Invoker));
+        }
+        _ => panic!("Expected CreateFunction"),
+    }
+}
+
+#[test]
+fn parse_create_function_with_security_and_other_attributes() {
+    pg().one_statement_parses_to(
+        r#"CREATE FUNCTION test_func() RETURNS integer LANGUAGE plpgsql IMMUTABLE SECURITY DEFINER AS $$ BEGIN RETURN 42; END; $$"#,
+        r#"CREATE FUNCTION test_func() RETURNS INTEGER LANGUAGE plpgsql IMMUTABLE SECURITY DEFINER AS $$ BEGIN RETURN 42; END; $$"#,
+    );
+
+    let stmt = pg().verified_stmt(r#"CREATE FUNCTION test_func() RETURNS INTEGER LANGUAGE plpgsql IMMUTABLE SECURITY DEFINER AS $$ BEGIN RETURN 42; END; $$"#);
+    match stmt {
+        Statement::CreateFunction(CreateFunction {
+            name,
+            security,
+            behavior,
+            language,
+            ..
+        }) => {
+            assert_eq!(name.to_string(), "test_func");
+            assert_eq!(security, Some(FunctionSecurity::Definer));
+            assert_eq!(behavior, Some(FunctionBehavior::Immutable));
+            assert_eq!(language.as_ref().map(|i| i.value.as_str()), Some("plpgsql"));
+        }
+        _ => panic!("Expected CreateFunction"),
+    }
+}
+
 #[test]
 fn parse_drop_function() {
     let sql = "DROP FUNCTION IF EXISTS test_func";
@@ -6275,6 +6335,7 @@ fn parse_trigger_related_functions() {
             behavior: None,
             called_on_null: None,
             parallel: None,
+            security: None,
             using: None,
             language: Some(Ident::new("plpgsql")),
             determinism_specifier: None,
