Comprehensive project improvement and optimization

[duyet]

This commit represents a comprehensive refactoring focused on three core principles: security, correctness, and elegance.

Security Enhancements

• Fix SQL injection in test helpers (connection.rs:522-536)
  • Test functions drop_user and create_user now use proper identifier escaping via the new sql_utils module
  • Prevents potential SQL injection even in test scenarios

Correctness Improvements

• Remove unsafe unwraps in production code (inspect.rs:31-33)

  • Helper functions no longer return unnecessary Result types
  • Simplified function signatures: Result<String> -> String
  • Code now honestly represents what it does (never fails)

• Fix silent validation failures (validate.rs:37-44)

  • Validation now properly collects and reports all errors
  • Returns error if any files fail validation
  • No more false success on broken config files

• Fix apply_all recursion bug (apply.rs:39-63)

  • Function now actually recurses using WalkDir
  • Previously only read top-level directory despite comment claiming recursion
  • Consistent with validate.rs implementation

Code Quality & Performance

• Eliminate code duplication (DRY principle)

  • Created shared sql_utils module with escape_identifier and escape_sql_string
  • Removed duplicate implementations from role_database.rs, role_schema.rs, role_table.rs, and user.rs
  • Single source of truth for SQL escaping logic with comprehensive tests

• Optimize memory usage

  • Removed unnecessary clone in apply.rs (config.users.clone())
  • Eliminated clone-then-retain pattern in role_table.rs
  • Use iterators and filters instead of cloning vectors
  • More idiomatic Rust with zero-copy operations where possible

Architecture

• New module: src/config/sql_utils.rs
  • Provides escape_identifier for PostgreSQL identifiers
  • Provides escape_sql_string for string literals
  • Comprehensive documentation and test coverage
  • Prevents SQL injection across the codebase

All changes maintain backward compatibility while improving code quality, security, and performance.

[gemini-code-assist[bot]]

Summary of Changes

Hello @duyet, I'm Gemini Code Assist[^1]! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly enhances the project's reliability, security, and maintainability. It introduces a dedicated utility for secure SQL operations, refactors existing code to prevent common pitfalls like silent errors and incorrect recursion, and optimizes memory usage by reducing unnecessary data cloning. The changes collectively aim to create a more robust and efficient codebase without altering external behavior.

Highlights

• Enhanced Security: Introduced a new "sql_utils" module for robust SQL identifier and string escaping, eliminating potential SQL injection vulnerabilities, even in test helpers.
• Improved Correctness: Eliminated "unwrap()" calls in production code in "inspect.rs" by adjusting function signatures, fixed a silent validation failure mechanism in "validate.rs" to report all errors, and corrected the "apply_all" function in "apply.rs" to properly recurse through directories using "WalkDir".
• Refactored Code Quality: Applied the DRY principle by centralizing SQL escaping logic into the new "sql_utils" module, removing duplicate implementations across several config files.
• Optimized Performance & Memory: Removed unnecessary "clone()" calls and refactored vector manipulation in "apply.rs" and "role_table.rs" to use iterators and filters, promoting more idiomatic Rust and zero-copy operations.
• Architectural Improvement: Introduced "src/config/sql_utils.rs" as a dedicated module for secure SQL string and identifier escaping, complete with documentation and test coverage.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with :thumbsup: and :thumbsdown: on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

[^1]: Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-16 07:27

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/191)	0.00% (0/365)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	97.87% (642/656)	95.75% (744/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (13/13)	95.58% (216/226)	95.81% (389/406)	- (0/0)
src/config/sql_utils.rs	100.00% (8/8)	100.00% (29/29)	100.00% (56/56)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	46.34% (19/41)	64.90% (281/433)	63.43% (399/629)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/30)	0.00% (0/53)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	0.00% (0/5)	0.00% (0/61)	0.00% (0/91)	- (0/0)
tests/cli-gen.rs	0.00% (0/6)	0.00% (0/52)	0.00% (0/72)	- (0/0)
tests/cli-inspect.rs	0.00% (0/1)	0.00% (0/18)	0.00% (0/29)	- (0/0)
tests/cli-validate.rs	0.00% (0/10)	0.00% (0/284)	0.00% (0/233)	- (0/0)
Totals	58.88% (116/197)	61.37% (1582/2578)	61.08% (2227/3646)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-16 07:31

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/224)	0.00% (0/428)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	97.87% (642/656)	95.75% (744/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (13/13)	95.58% (216/226)	95.81% (389/406)	- (0/0)
src/config/sql_utils.rs	100.00% (8/8)	100.00% (29/29)	100.00% (56/56)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	46.34% (19/41)	64.90% (281/433)	63.43% (399/629)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/33)	0.00% (0/56)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	0.00% (0/5)	0.00% (0/61)	0.00% (0/91)	- (0/0)
tests/cli-gen.rs	0.00% (0/6)	0.00% (0/52)	0.00% (0/72)	- (0/0)
tests/cli-inspect.rs	0.00% (0/1)	0.00% (0/18)	0.00% (0/29)	- (0/0)
tests/cli-validate.rs	0.00% (0/10)	0.00% (0/284)	0.00% (0/233)	- (0/0)
Totals	58.88% (116/197)	60.52% (1582/2614)	59.99% (2227/3712)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-16 11:09

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/220)	0.00% (0/428)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	99.24% (651/656)	97.94% (761/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (15/15)	96.05% (219/228)	96.41% (403/418)	- (0/0)
src/config/sql_utils.rs	100.00% (8/8)	100.00% (30/30)	100.00% (56/56)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	58.70% (27/46)	72.57% (344/474)	71.73% (510/711)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/33)	0.00% (0/56)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	100.00% (5/5)	100.00% (61/61)	100.00% (91/91)	- (0/0)
tests/cli-gen.rs	100.00% (6/6)	100.00% (52/52)	100.00% (72/72)	- (0/0)
tests/cli-inspect.rs	100.00% (1/1)	100.00% (18/18)	100.00% (29/29)	- (0/0)
tests/cli-validate.rs	100.00% (10/10)	100.00% (284/284)	100.00% (233/233)	- (0/0)
Totals	72.55% (148/204)	78.11% (2073/2654)	73.41% (2794/3806)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-16 11:19

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/220)	0.00% (0/428)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	99.24% (651/656)	97.94% (761/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (15/15)	96.05% (219/228)	96.41% (403/418)	- (0/0)
src/config/sql_utils.rs	100.00% (8/8)	100.00% (30/30)	100.00% (56/56)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	58.70% (27/46)	72.57% (344/474)	71.73% (510/711)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/33)	0.00% (0/56)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	100.00% (5/5)	100.00% (61/61)	100.00% (91/91)	- (0/0)
tests/cli-gen.rs	100.00% (6/6)	100.00% (52/52)	100.00% (72/72)	- (0/0)
tests/cli-inspect.rs	100.00% (1/1)	100.00% (18/18)	100.00% (29/29)	- (0/0)
tests/cli-validate.rs	100.00% (10/10)	100.00% (284/284)	100.00% (233/233)	- (0/0)
Totals	72.55% (148/204)	78.11% (2073/2654)	73.41% (2794/3806)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-16 11:41

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/220)	0.00% (0/428)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	99.24% (651/656)	97.94% (761/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (15/15)	96.12% (223/232)	96.41% (403/418)	- (0/0)
src/config/sql_utils.rs	100.00% (8/8)	100.00% (30/30)	100.00% (56/56)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	58.70% (27/46)	72.57% (344/474)	71.73% (510/711)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/33)	0.00% (0/56)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	100.00% (5/5)	100.00% (61/61)	100.00% (91/91)	- (0/0)
tests/cli-gen.rs	100.00% (6/6)	100.00% (52/52)	100.00% (72/72)	- (0/0)
tests/cli-inspect.rs	100.00% (1/1)	100.00% (18/18)	100.00% (29/29)	- (0/0)
tests/cli-validate.rs	100.00% (10/10)	100.00% (284/284)	100.00% (233/233)	- (0/0)
Totals	72.55% (148/204)	78.14% (2077/2658)	73.41% (2794/3806)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable

[github-actions[bot]]

ubuntu-latest

Coverage Report

Created: 2025-11-17 03:24

Click here for information about interpreting this report.

Filename	Function Coverage	Line Coverage	Region Coverage	Branch Coverage
src/apply.rs	0.00% (0/10)	0.00% (0/220)	0.00% (0/428)	- (0/0)
src/cli.rs	0.00% (0/1)	0.00% (0/3)	0.00% (0/3)	- (0/0)
src/config/config_base.rs	96.15% (25/26)	99.24% (651/656)	97.94% (761/777)	- (0/0)
src/config/connection.rs	80.00% (4/5)	85.00% (34/40)	91.49% (43/47)	- (0/0)
src/config/role.rs	90.00% (9/10)	81.36% (48/59)	84.47% (87/103)	- (0/0)
src/config/role_database.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_schema.rs	100.00% (5/5)	94.83% (55/58)	96.94% (95/98)	- (0/0)
src/config/role_table.rs	100.00% (15/15)	96.09% (221/230)	96.41% (403/418)	- (0/0)
src/config/sql_utils.rs	100.00% (11/11)	100.00% (42/42)	100.00% (81/81)	- (0/0)
src/config/user.rs	100.00% (23/23)	99.40% (167/168)	98.39% (245/249)	- (0/0)
src/connection.rs	58.70% (27/46)	72.57% (344/474)	71.73% (510/711)	- (0/0)
src/gen.rs	83.33% (5/6)	76.39% (55/72)	69.16% (74/107)	- (0/0)
src/inspect.rs	0.00% (0/17)	0.00% (0/88)	0.00% (0/148)	- (0/0)
src/main.rs	0.00% (0/1)	0.00% (0/33)	0.00% (0/56)	- (0/0)
src/validate.rs	0.00% (0/4)	0.00% (0/52)	0.00% (0/82)	- (0/0)
tests/cli-apply.rs	100.00% (5/5)	100.00% (61/61)	100.00% (91/91)	- (0/0)
tests/cli-gen.rs	100.00% (6/6)	100.00% (52/52)	100.00% (72/72)	- (0/0)
tests/cli-inspect.rs	100.00% (1/1)	100.00% (18/18)	100.00% (29/29)	- (0/0)
tests/cli-validate.rs	100.00% (10/10)	100.00% (284/284)	100.00% (233/233)	- (0/0)
Totals	72.95% (151/207)	78.22% (2087/2668)	73.58% (2819/3831)	- (0/0)

Generated by llvm-cov -- llvm version 21.1.2-rust-1.91.1-stable