Fix secondary index behavior

[brfrn169]

Description

Provide a brief description about why this PR is necessary. Be sure to provide context.

Related issues and/or PRs

If this PR addresses or references any issues and/or other PRs, list them here. For example, "Fixes #123", "Related to #456", or "Addresses #789".

Changes made

Outline the specific changes made in this pull request. Include relevant details, such as added features, bug fixes, code refactoring, or improvements.

Checklist

The following is a best-effort checklist. If any items in this checklist are not applicable to this PR or are dependent on other, unmerged PRs, please still mark the checkboxes after you have read and understood each item.

• I have commented my code, particularly in hard-to-understand areas.
• I have updated the documentation to reflect the changes.
• I have considered whether similar issues could occur in other products, components, or modules if this PR is for bug fixes.
• Any remaining open issues linked to this PR are documented and up-to-date (Jira, GitHub, etc.).
• Tests (unit, integration, etc.) have been added for the changes.
• My changes generate no new warnings.
• Any dependent changes in other PRs have been merged and published.

Additional notes (optional)

Provide any additional information or notes that may be relevant to the reviewers or stakeholders.

Release notes

Provide release note text for this PR based on the guidelines at Guidelines for Writing Release Notes.

For example:

Added validation for the Consensus Commit mutation operation.

[gemini-code-assist]

Summary of Changes

Hello @brfrn169, I'm Gemini Code Assist¹! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request significantly refactors and strengthens the validation mechanisms within the Consensus Commit transaction protocol. By introducing a unified operation checker, it enforces more rigorous constraints on how Get, Scan, and Mutation operations interact with transaction metadata and secondary indexes. These changes are particularly impactful for transactions operating under the SERIALIZABLE isolation level, where certain index-based operations are now explicitly disallowed to maintain transactional integrity and correctness. The overall goal is to enhance the robustness and predictability of transaction behavior.

Highlights

• Unified Operation Checker: A new ConsensusCommitOperationChecker class has been introduced to centralize and consolidate validation logic for Get, Scan, and Mutation operations within Consensus Commit transactions. This replaces the previous ConsensusCommitMutationOperationChecker.
• Enhanced Validation for Read Operations: The new checker extends validation to Get and Scan operations, preventing the use of transaction metadata columns in projections, conditions, or orderings, unless explicitly enabled via configuration (isIncludeMetadataEnabled).
• Restrictions for SERIALIZABLE Isolation Level: Stricter rules are now enforced for the SERIALIZABLE isolation level: Get and Scan operations using secondary indexes are disallowed, and cross-partition Scan operations (ScanAll) with conditions on indexed columns are also prohibited.
• Core Component Updates: The ConsensusCommit and ConsensusCommitManager classes have been refactored to integrate and utilize the new ConsensusCommitOperationChecker, ensuring all relevant operations pass through the updated validation pipeline.
• Conditional Index Conversion in Utils: The ConsensusCommitUtils class has been updated to conditionally convert conditions on indexed columns for Scan operations, specifically preventing such conversions for ScanAll operations to align with the new SERIALIZABLE isolation restrictions.
• New Error Codes: Several new CoreError codes have been added to provide specific error messages for the newly introduced validation failures, improving clarity for users encountering these restrictions.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature	Command	Description
Code Review	/gemini review	Performs a code review for the current pull request in its current state.
Pull Request Summary	/gemini summary	Provides a summary of the current pull request in its current state.
Comment	@gemini-code-assist	Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help	/gemini help	Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution. ↩

[gemini-code-assist]

Code Review

This pull request introduces important fixes and improvements related to secondary index behavior in Consensus Commit, especially for the SERIALIZABLE isolation level.

The main changes include:

• A new ConsensusCommitOperationChecker class is introduced, which consolidates and extends the validation logic for Get, Scan, and Mutation operations. This is a good refactoring that improves code organization.
• New restrictions are added for the SERIALIZABLE isolation level:
  • Get and Scan operations using a secondary index are now disallowed.
  • Conditions on indexed columns in cross-partition scans (ScanAll) are also disallowed.
• The logic for preparing scan operations in ConsensusCommitUtils has been updated to handle conditions on indexed columns in ScanAll operations differently, which seems to be a performance optimization.
• MutationConditionsValidator has been refactored to reduce its dependency on TransactionContext, which is a nice improvement for decoupling.

The changes are well-implemented, and the test suite has been updated comprehensively to cover the new behavior, including new integration tests that validate the new restrictions.

Overall, this is a high-quality pull request that improves the correctness and robustness of the transaction implementation. I have no further comments.

[Copilot]

Pull Request Overview

This PR enhances operation checking in consensus commit transactions by introducing restrictions for SERIALIZABLE isolation level and extending the operation checker to validate read operations. The changes prevent index-based operations and conditions on indexed columns in specific scenarios when using SERIALIZABLE isolation, as these operations cannot guarantee serializability.

Key changes:

• Renames and expands ConsensusCommitMutationOperationChecker to ConsensusCommitOperationChecker with support for Get/Scan validation
• Adds SERIALIZABLE isolation checks to reject index-based Get/Scan operations and conditions on indexed columns in cross-partition scans
• Refactors condition conversion logic to skip indexed column conditions for ScanAll operations

Reviewed Changes

Copilot reviewed 21 out of 21 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
ConsensusCommitOperationChecker.java	New class replacing ConsensusCommitMutationOperationChecker with added Get/Scan validation and SERIALIZABLE isolation checks
ConsensusCommitMutationOperationChecker.java	Removed - replaced by ConsensusCommitOperationChecker
ConsensusCommit.java, TwoPhaseConsensusCommit.java	Updated to call operation checker for Get/Scan operations and use renamed checker
ConsensusCommitManager.java, TwoPhaseConsensusCommitManager.java	Updated to instantiate ConsensusCommitOperationChecker with include_metadata flag
ConsensusCommitUtils.java	Modified conjunction conversion to conditionally skip indexed columns based on scan type
MutationConditionsValidator.java	Simplified to accept transactionId string instead of full TransactionContext
CrudHandler.java	Updated to pass transactionId to MutationConditionsValidator
CoreError.java	Added error codes for projection/ordering metadata restrictions and SERIALIZABLE index operation restrictions
ConsensusCommitSpecificIntegrationTestBase.java	Updated tests to reflect SERIALIZABLE restrictions and removed obsolete index operation tests
Various test files	Updated to use renamed ConsensusCommitOperationChecker and adjust mock behavior

Comments suppressed due to low confidence (1)

core/src/main/java/com/scalar/db/common/CoreError.java:439

• The error message format for CONSENSUS_COMMIT_CONDITION_NOT_ALLOWED_TO_TARGET_TRANSACTION_METADATA_COLUMNS was changed from accepting one parameter (Column: %s) to accepting two parameters (Table: %s; Column: %s) in the new usage, but the error enum definition was not updated. This will cause a format string mismatch. The error definition should be updated to match the new usage pattern seen in line 72 and 232 of ConsensusCommitOperationChecker.java where buildMessage(get.forFullTableName().get(), column) and buildMessage(mutation.forFullTableName().get(), column) are called.

  CONSENSUS_COMMIT_CONDITION_NOT_ALLOWED_TO_TARGET_TRANSACTION_METADATA_COLUMNS(
      Category.USER_ERROR,
      "0100",
      "The condition is not allowed to target transaction metadata columns. Column: %s",
      "",
      ""),

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The logic for skipping indexed column conversion is only checking metadata.getSecondaryIndexNames().contains(columnName) but doesn't check partition key or clustering key columns (which are also indexed). According to lines 488-494, partition and clustering keys are already skipped, but the comment on line 496 and the parameter name convertIndexedColumns suggest this should handle all indexed columns. Consider renaming the parameter to convertSecondaryIndexedColumns for clarity, or verify that the current behavior matches the intended design.

[Copilot]

Method ConsensusCommitOperationChecker.check(..) could be confused with overloaded method check, since dispatch depends on static types.

[Copilot]

Method ConsensusCommitOperationChecker.check(..) could be confused with overloaded method check, since dispatch depends on static types.