CREATE PROCEDURE
See the dedicated 'User-defined subprograms and anonymous blocks' section.
User-defined procedures are part of a larger area of functionality. See this major section:
Synopsis
Use the CREATE PROCEDURE
statement to create a procedure in a database.
Syntax
create_procedure ::= CREATE [ OR REPLACE ] PROCEDURE subprogram_name (
[ arg_decl_with_dflt [ , ... ] ] )
{ unalterable_proc_attribute
| alterable_fn_and_proc_attribute } [ ... ]
arg_decl_with_dflt ::= arg_decl [ { DEFAULT | = } expression ]
arg_decl ::= [ arg_name ] [ arg_mode ] arg_type
subprogram_signature ::= arg_decl [ , ... ]
unalterable_proc_attribute ::= LANGUAGE lang_name
| AS implementation_definition
lang_name ::= SQL | PLPGSQL | C
implementation_definition ::= ' sql_stmt_list '
| ' plpgsql_block_stmt '
| ' obj_file ' [ , ' link_symbol ' ]
sql_stmt_list ::= sql_stmt ; [ sql_stmt ... ]
alterable_fn_and_proc_attribute ::= SET run_time_parameter
{ TO value
| = value
| FROM CURRENT }
| RESET run_time_parameter
| RESET ALL
| [ EXTERNAL ] SECURITY
{ INVOKER | DEFINER }
create_procedure
arg_decl_with_dflt
arg_decl
subprogram_signature
unalterable_proc_attribute
lang_name
implementation_definition
sql_stmt_list
alterable_fn_and_proc_attribute
'create procedure' and the 'subprogram_signature' rule.
When you write aCREATE PROCEDURE
statement, you will already have decided what formal arguments it will have—i.e. for each, what will be its name, mode, data type, and optionally its default value. When, later, you alter or drop a procedure, you must identify it. You do this, in ALTER PROCEDURE
and DROP PROCEDURE
, typically by specifying just its subprogram_call_signature. You are allowed to use the full subprogram_signature. But this is unconventional. Notice that the subprogram_signature does not include the optional specification of default values; and you cannot mention these when you alter or drop a procedure. The distinction between the subprogram_signature and the subprogram_call_signature is discussed carefully in the section Subprogram overloading.
Semantics
-
The meanings of the various procedure attributes are explained in the section Subprogram attributes.
-
A procedure, like other schema objects such as a table, inevitably has an owner. You cannot specify the owner explicitly when a procedure is created. Rather, it's defined implicitly as what the current_user built-in function returns when it's invoked in the session that creates the procedure. This user must have the usage privilege on the procedure's schema and its argument data types. You (optionally) specify the procedure's schema and (mandatorily) its name within its schema as the argument of the subprogram_name rule.
-
If a procedure with the given name, schema, and argument types already exists then
CREATE PROCEDURE
will draw an error unless theCREATE OR REPLACE PROCEDURE
variant is used. -
Procedures with different subprogram_call_signatures can share the same subprogram_name. (The same holds for functions.) See section Subprogram overloading.
-
CREATE OR REPLACE PROCEDURE
doesn't change permissions that have been granted on an existing procedure. To use this statement, the current user must own the procedure, or be a member of the role that owns it. -
In contrast, if you drop and then recreate a procedure, the new procedure is not the same entity as the old one. So you will have to drop existing objects that depend upon the old procedure. (Dropping the procedure
CASCADE
achieves this.) Alternatively,ALTER PROCEDURE
can be used to change most of the auxiliary attributes of an existing procedure. -
The languages supported by default are
SQL
,PLPGSQL
andC
.
'Create procedure' grants 'execute' to 'public'.
Execute is granted automatically to public when you create a new procedure. This is very unlikely to be want you want—and so this behavior presents a disguised security risk. Yugabyte recommends that your standard practice be to revoke this privilege immediately after creating a procedure.You cannot set the 'depends on extension' attribute with 'create procedure'.
A procedure's depends on extension attribute cannot be set usingCREATE [OR REPLACE] PROCEDURE
. You must use ALTER PROCEDURE
to set it.
Examples
-
Set up an accounts table.
create schema s; create table s.accounts ( id integer primary key, name text not null, balance decimal(15,2) not null); insert into s.accounts values (1, 'Jane', 100.00); insert into s.accounts values (2, 'John', 50.00); select * from s.accounts order by 1;
id | name | balance ----+------+--------- 1 | Jane | 100.00 2 | John | 50.00 (2 rows)
-
Define a transfer procedure to transfer money from one account to another.
create or replace procedure s.transfer(from_id in int, to_id in int, amnt in decimal) security definer set search_path = pg_catalog, pg_temp language plpgsql as $body$ begin if amnt <= 0.00 then raise exception 'The transfer amount must be positive'; end if; if from_id = to_id then raise exception 'Sender and receiver cannot be the same'; end if; update s.accounts set balance = balance - amnt where id = from_id; update s.accounts set balance = balance + amnt where id = to_id; end; $body$;
-
Transfer $20.00 from Jane to John.
call s.transfer(1, 2, 20.00); select * from s.accounts order by 1;
id | name | balance ----+------+--------- 1 | Jane | 80.00 2 | John | 70.00 (2 rows)
-
Errors will be thrown for unsupported argument values.
CALL s.transfer(2, 2, 20.00);
ERROR: Sender and receiver cannot be the same
call s.transfer(1, 2, -20.00);
ERROR: The transfer amount must be positive
Always name the formal arguments and write the procedure's body last.
YSQL inherits from PostgreSQL the ability to specify the arguments only by listing their data types and to reference them in the body using the positional notation $1
, $2
, and so on. The earliest versions of PostgreSQL didn't allow named parameters. But the version that YSQL is based on does allow this. Your code will be very much easier to understand if you use named arguments like the example does.
The syntax rules allow you to write the alterable and unalterable attributes in any order, like this:
create or replace procedure s.transfer(from_id in int, to_id in int, amnt in decimal)
security definer
as $body$
begin
if amnt <= 0.00 then
raise exception 'The transfer amount must be positive';
end if;
if from_id = to_id then
raise exception 'Sender and receiver cannot be the same';
end if;
update s.accounts set balance = balance - amnt where id = from_id;
update s.accounts set balance = balance + amnt where id = to_id;
end;
$body$
set search_path = pg_catalog, pg_temp
language plpgsql;
Yugabyte recommends that you avoid exploiting this freedom and choose a standard order where, especially, you write the body last. (Try the \sf meta-command for a procedure that you created. It always shows the source text last, no matter what order your create [or replace] used.) For example, it helps readability to specify the language immediately before the body. Following this practice will allow you to review, and discuss, your code in a natural way by distinguishing, informally, between the procedure header (i.e. everything that comes before the body) and the implementation (i.e. the body).