From a9ca481c88fb619c6d35f2a6b64253bb46240c5d Mon Sep 17 00:00:00 2001
From: "chandr-andr (Kiselev Aleksandr)" <askiselev00@gmail.com>
Date: Sun, 3 Mar 2024 16:37:30 +0100
Subject: [PATCH 1/2] Added ReadOnly session attr

---
 tokio-postgres/src/config.rs       | 3 +++
 tokio-postgres/tests/test/parse.rs | 8 ++++++++
 2 files changed, 11 insertions(+)

diff --git a/tokio-postgres/src/config.rs b/tokio-postgres/src/config.rs
index b178eac80..c78346fff 100644
--- a/tokio-postgres/src/config.rs
+++ b/tokio-postgres/src/config.rs
@@ -34,6 +34,8 @@ pub enum TargetSessionAttrs {
     Any,
     /// The session must allow writes.
     ReadWrite,
+    /// The session allow only reads.
+    ReadOnly,
 }
 
 /// TLS configuration.
@@ -622,6 +624,7 @@ impl Config {
                 let target_session_attrs = match value {
                     "any" => TargetSessionAttrs::Any,
                     "read-write" => TargetSessionAttrs::ReadWrite,
+                    "read-only" => TargetSessionAttrs::ReadOnly,
                     _ => {
                         return Err(Error::config_parse(Box::new(InvalidValue(
                             "target_session_attrs",
diff --git a/tokio-postgres/tests/test/parse.rs b/tokio-postgres/tests/test/parse.rs
index 2c11899ca..04d422e27 100644
--- a/tokio-postgres/tests/test/parse.rs
+++ b/tokio-postgres/tests/test/parse.rs
@@ -34,6 +34,14 @@ fn settings() {
             .keepalives_idle(Duration::from_secs(30))
             .target_session_attrs(TargetSessionAttrs::ReadWrite),
     );
+    check(
+        "connect_timeout=3 keepalives=0 keepalives_idle=30 target_session_attrs=read-only",
+        Config::new()
+            .connect_timeout(Duration::from_secs(3))
+            .keepalives(false)
+            .keepalives_idle(Duration::from_secs(30))
+            .target_session_attrs(TargetSessionAttrs::ReadOnly),
+    );
 }
 
 #[test]

From 6a01730cbfed5d9c0aa694401704e6fe7ec0c8b5 Mon Sep 17 00:00:00 2001
From: "chandr-andr (Kiselev Aleksandr)" <askiselev00@gmail.com>
Date: Sun, 3 Mar 2024 19:17:50 +0100
Subject: [PATCH 2/2] Added ReadOnly session attr

---
 tokio-postgres/src/connect.rs | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/tokio-postgres/src/connect.rs b/tokio-postgres/src/connect.rs
index ca57b9cdd..8189cb91c 100644
--- a/tokio-postgres/src/connect.rs
+++ b/tokio-postgres/src/connect.rs
@@ -160,7 +160,7 @@ where
     let has_hostname = hostname.is_some();
     let (mut client, mut connection) = connect_raw(socket, tls, has_hostname, config).await?;
 
-    if let TargetSessionAttrs::ReadWrite = config.target_session_attrs {
+    if config.target_session_attrs != TargetSessionAttrs::Any {
         let rows = client.simple_query_raw("SHOW transaction_read_only");
         pin_mut!(rows);
 
@@ -185,11 +185,21 @@ where
 
             match next.await.transpose()? {
                 Some(SimpleQueryMessage::Row(row)) => {
-                    if row.try_get(0)? == Some("on") {
+                    let read_only_result = row.try_get(0)?;
+                    if read_only_result == Some("on")
+                        && config.target_session_attrs == TargetSessionAttrs::ReadWrite
+                    {
                         return Err(Error::connect(io::Error::new(
                             io::ErrorKind::PermissionDenied,
                             "database does not allow writes",
                         )));
+                    } else if read_only_result == Some("off")
+                        && config.target_session_attrs == TargetSessionAttrs::ReadOnly
+                    {
+                        return Err(Error::connect(io::Error::new(
+                            io::ErrorKind::PermissionDenied,
+                            "database is not read only",
+                        )));
                     } else {
                         break;
                     }