Formal sqlcommenter
Formal sqlcommenter is a plugin that enables your ORMs to augment SQL statement before execution, with a comment containing the end-user id of a request. Sqlcommenter is typically useful for back-office application that needs to implement role access management.
Local Install
pip3 install --user formal-sqlcommenterUsage
Psycopg2
Use the provided cursor factory to generate database cursors. All queries executed with such cursors will have the SQL comment prepended to them.
import psycopg2
from formal.sqlcommenter.psycopg2.extension import CommenterCursorFactory
cursor_factory = CommenterCursorFactory()
conn = psycopg2.connect(..., cursor_factory=cursor_factory)
cursor = conn.cursor()
cursor.execute('SELECT * from ...', '1234') # comment will be added before executionwhich will produce a backend log such as when viewed on Postgresql
2019-05-28 02:33:25.287 PDT [57302] LOG: statement: SELECT * FROM
polls_question *--formal_role_id: 1234 */
