graphql-engine/server/tests-py/queries/graphql_mutation/insert/permissions/schema_setup.yaml

type: bulk
args:

#Author table
- type: run_sql
  args:
    sql: |
      create table author(
          id serial primary key,
          name text unique,
          bio text,
          is_registered boolean not null default false
      );
- type: track_table
  args:
    schema: public
    name: author

#Article table
- type: run_sql
  args:
    sql: |
      CREATE TABLE article (
        id SERIAL PRIMARY KEY,
        title TEXT,
        content TEXT,
        author_id INTEGER REFERENCES author(id),
        is_published BOOLEAN,
        published_on TIMESTAMP
      );

      CREATE FUNCTION fetch_articles(search text, author_row author)
      RETURNS SETOF article AS $$
        SELECT *
        FROM article
        WHERE
          ( title ilike ('%' || search || '%')
            OR content ilike ('%' || search || '%')
          ) AND author_id = author_row.id
      $$ LANGUAGE sql STABLE;

- type: track_table
  args:
    schema: public
    name: article

- type: add_computed_field
  args:
    table: author
    name: get_articles
    definition:
      function: fetch_articles
      table_argument: author_row

#Create resident table
- type: run_sql
  args:
    sql: |
      CREATE TABLE resident (
        id SERIAL PRIMARY KEY,
        name TEXT NOT NULL UNIQUE,
        age INTEGER NOT NULL,
        is_user BOOLEAN DEFAULT FALSE NOT NULL
      )
- type: track_table
  args:
    schema: public
    name: resident

#Create address table
- type: run_sql
  args:
    sql: |
      CREATE TABLE address (
        id SERIAL PRIMARY KEY,
        door_no TEXT NOT NULL,
        street TEXT NOT NULL,
        city TEXT NOT NULL,
        resident_id INTEGER REFERENCES resident(id)
      )
- type: track_table
  args:
    schema: public
    name: address

#Create Company table
- type: run_sql
  args:
    sql: |
      CREATE TABLE "Company" (
      "id" SERIAL PRIMARY KEY,
      "name" TEXT
      )
- type: track_table
  args:
    schema: public
    name: Company

#Object relationship
- type: create_object_relationship
  args:
    table: article
    name: author
    using:
      foreign_key_constraint_on: author_id

#Array relationship
- type: create_array_relationship
  args:
    table: author
    name: articles
    using:
      foreign_key_constraint_on:
        table: article
        column: author_id

#Article select permission for user
- type: create_select_permission
  args:
    table: article
    role: user
    permission:
      columns: '*'
      filter:
        $or:
          - author_id: X-HASURA-USER-ID
          - is_published: true

#Article select permission for editor
- type: create_select_permission
  args:
    table: article
    role: editor
    permission:
      columns: '*'
      filter:
        $or:
          - author_id:
              $in: X-Hasura-Allowed-User-Ids
          - is_published: true

#Article insert permission for user
- type: create_insert_permission
  args:
    table: article
    role: user
    permission:
      check:
        author_id: X-Hasura-User-Id

#Article insert permission for editor
#Editor can create articles for some of the users
- type: create_insert_permission
  args:
    table: article
    role: editor
    permission:
      check:
        author_id:
          $in: X-Hasura-Allowed-User-Ids

#Article udpate permission for user
- type: create_update_permission
  args:
    table: article
    role: user
    permission:
      filter:
        author_id: X-Hasura-User-Id
      columns: '*'

#Author select permission for user
- type: create_select_permission
  args:
    table: author
    role: user
    permission:
      columns:
      - id
      - name
      - is_registered
      filter:
        id: X-HASURA-USER-ID

#Author insert and update permission for user
#Only admin can set is_registered to true
- type: create_insert_permission
  args:
    table: author
    role: user
    permission:
      check:
        $and:
        - id: X-HASURA-USER-ID
        - is_registered: false

- type: create_update_permission
  args:
    table: author
    role: user
    permission:
      columns: '*'
      filter:
        $and:
        - id: X-HASURA-USER-ID
        - is_registered: false

#Author insert permission for student
#A Student should specify their Bio
- type: create_insert_permission
  args:
    table: author
    role: student
    permission:
      check:
        bio:
          _is_null: false

#Company insert permission for user
- type: create_insert_permission
  args:
    table: Company
    role: user
    permission:
      check:
        id: X-HASURA-COMPANY-ID

#Company update permission for user
- type: create_update_permission
  args:
    table: Company
    role: user
    permission:
      filter:
        id: X-HASURA-COMPANY-ID
      columns: '*'

#Company select permission for user
- type: create_select_permission
  args:
    table: Company
    role: user
    permission:
      columns:
      - id
      - name
      filter:
        id: X-HASURA-COMPANY-ID

#Create insert permission for user on resident
- type: create_insert_permission
  args:
    table: resident
    role: user
    permission:
      check:
        id: X-Hasura-Resident-Id
      set:
        name: X-Hasura-Resident-Name
        is_user: true

#Create select permission for user on resident
- type: create_select_permission
  args:
    table: resident
    role: user
    permission:
      columns:
      - id
      - name
      - age
      - is_user
      filter:
        id: X-Hasura-Resident-Id

#Create insert permission for infant on resident
- type: create_insert_permission
  args:
    table: resident
    role: infant
    permission:
      check:
        id: X-Hasura-Infant-Id
      set:
        name: X-Hasura-Infant-Name
        id: X-Hasura-Infant-Id
      columns:
      - age

#Create select permission for infant on resident
- type: create_select_permission
  args:
    table: resident
    role: infant
    permission:
      columns:
      - id
      - name
      - age
      - is_user
      filter:
        id: X-Hasura-Infant-Id

#Create permissions for resident role on resident table
- type: create_insert_permission
  args:
    table: resident
    role: resident
    permission:
      check:
        id: X-Hasura-Resident-Id

- type: create_update_permission
  args:
    table: resident
    role: resident
    permission:
      columns: '*'
      filter:
        id: X-Hasura-Resident-Id
- type: create_select_permission
  args:
    table: resident
    role: resident
    permission:
      columns: '*'
      filter:
        id: X-Hasura-Resident-Id


#Create blog table
- type: run_sql
  args:
    sql: |
      CREATE TABLE blog (
        id serial primary key,
        title text not null,
        content text,
        author_id INTEGER REFERENCES author(id),
        last_updated timestamptz,
        updated_by INTEGER REFERENCES author(id)
      );

- type: track_table
  args:
    name: blog
    schema: public

- type: create_select_permission
  args:
    table: blog
    role: user
    permission:
      columns: '*'
      filter:
        author_id: X-Hasura-User-Id

- type: create_insert_permission
  args:
    table: blog
    role: user
    permission:
      check: {}

- type: create_update_permission
  args:
    table: blog
    role: user
    permission:
      columns:
      - title
      - content
      filter: {}
      set:
        last_updated: 'NOW()'
        updated_by: X-Hasura-User-Id

- type: run_sql
  args:
    sql: |
     CREATE TABLE computer (
       id          SERIAL PRIMARY KEY,
       name        TEXT    NOT NULL,
       spec        JSONB   NOT NULL
     );

- type: track_table
  args:
    name: computer
    schema: public

- type: create_insert_permission
  args:
    table: computer
    role: seller
    permission:
      check:
        spec:
          _has_keys_all: X-Hasura-Spec-Required-Keys
      columns: '*'

- type: create_insert_permission
  args:
    table: computer
    role: developer
    permission:
      check:
        spec:
          _has_keys_any: X-Hasura-Spec-Keys
      columns: '*'

- type: create_select_permission
  args:
    table: computer
    role: seller
    permission:
      columns: '*'
      filter: {}

- type: create_select_permission
  args:
    table: computer
    role: developer
    permission:
      columns: '*'
      filter: {}

# Tables to test '_exist' field
- type: run_sql
  args:
    sql: |
      create table "user" (
        id serial primary key,
        name text not null unique,
        is_admin boolean default false
      );

      create table account (
        id serial primary key,
        account_no integer not null
      );

- type: track_table
  args:
    name: user
    schema: public

- type: track_table
  args:
    name: account
    schema: public

- type: create_insert_permission
  args:
    table: account
    role: user
    permission:
      columns:
      - account_no
      check:
        _exists:
          _table: user
          _where:
            id: X-Hasura-User-Id
            is_admin: true
python based tests (#387) 2018-09-18 09:21:57 +03:00			`type: bulk`
			`args:`

			`#Author table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`create table author(`
run graphql tests on both http and websocket; add parallelism (close #1868) (#1921) Examples 1) ` pytest --hge-urls "http://127.0.0.1:8080" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests" -vv ` 2) `pytest --hge-urls "http://127.0.0.1:8080" "http://127.0.0.1:8081" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests" "postgresql://admin@127.0.0.1:5432/hge_tests2" -vv ` ### Solution and Design <!-- How is this issue solved/fixed? What is the design? --> <!-- It's better if we elaborate --> #### Reducing execution time of tests - The Schema setup and teardown, which were earlier done per test method, usually takes around 1 sec. - For mutations, the model has now been changed to only do schema setup and teardown once per test class. - A data setup and teardown will be done once per test instead (usually takes ~10ms). - For the test class to get this behaviour, one can can extend the class `DefaultTestMutations`. - The function `dir()` should be define which returns the location of the configuration folder. - Inside the configuration folder, there should be - Files `<conf_dir>/schema_setup.yaml` and `<conf_dir>/schema_teardown.yaml`, which has the metadata query executed during schema setup and teardown respectively - Files named `<conf_dir>/values_setup.yaml` and `<conf_dir>/values_teardown.yaml`. These files are executed to setup and remove data from the tables respectively. #### Running Graphql queries on both http and websockets - Each GraphQL query/mutation is run on the both HTTP and websocket protocols - Pytests test parameterisation is used to achieve this - The errors over websockets are slightly different from that on HTTP - The code takes care of converting the errors in HTTP to errors in websockets #### Parallel executation of tests. - The plugin pytest-xdist helps in running tests on parallel workers. - We are using this plugin to group tests by file and run on different workers. - Parallel test worker processes operate on separate postgres databases(and separate graphql-engines connected to these databases). Thus tests on one worker will not affect the tests on the other worker. - With two workers, this decreases execution times by half, as the tests on event triggers usually takes a long time, but does not consume much CPU. 2019-04-08 10:22:38 +03:00			`id serial primary key,`
			`name text unique,`
allow _is_null operator for filter/check permissions (close #456) (#477) 2018-09-18 14:45:35 +03:00			`bio text,`
python based tests (#387) 2018-09-18 09:21:57 +03:00			`is_registered boolean not null default false`
			`);`
			`- type: track_table`
			`args:`
			`schema: public`
			`name: author`

			`#Article table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE article (`
			`id SERIAL PRIMARY KEY,`
			`title TEXT,`
			`content TEXT,`
			`author_id INTEGER REFERENCES author(id),`
			`is_published BOOLEAN,`
			`published_on TIMESTAMP`
fix postgres query error when computed fields included in mutation response, fix #4035 2020-03-10 15:45:47 +03:00			`);`

			`CREATE FUNCTION fetch_articles(search text, author_row author)`
			`RETURNS SETOF article AS $$`
			`SELECT *`
			`FROM article`
			`WHERE`
			`( title ilike ('%' \|\| search \|\| '%')`
			`OR content ilike ('%' \|\| search \|\| '%')`
			`) AND author_id = author_row.id`
			`$$ LANGUAGE sql STABLE;`

python based tests (#387) 2018-09-18 09:21:57 +03:00			`- type: track_table`
			`args:`
			`schema: public`
			`name: article`

fix postgres query error when computed fields included in mutation response, fix #4035 2020-03-10 15:45:47 +03:00			`- type: add_computed_field`
			`args:`
			`table: author`
			`name: get_articles`
			`definition:`
			`function: fetch_articles`
			`table_argument: author_row`

python based tests (#387) 2018-09-18 09:21:57 +03:00			`#Create resident table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE resident (`
			`id SERIAL PRIMARY KEY,`
apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00			`name TEXT NOT NULL UNIQUE,`
optional 'set' field in insert permissions, closes #216 (#622) 2018-10-26 17:58:20 +03:00			`age INTEGER NOT NULL,`
			`is_user BOOLEAN DEFAULT FALSE NOT NULL`
python based tests (#387) 2018-09-18 09:21:57 +03:00			`)`
			`- type: track_table`
			`args:`
			`schema: public`
			`name: resident`

			`#Create address table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE address (`
			`id SERIAL PRIMARY KEY,`
			`door_no TEXT NOT NULL,`
			`street TEXT NOT NULL,`
			`city TEXT NOT NULL,`
			`resident_id INTEGER REFERENCES resident(id)`
			`)`
			`- type: track_table`
			`args:`
			`schema: public`
			`name: address`

quote constraint name for non-admin inserts (fix #494) (#497) ### Description What component does this PR affect? - [x] Server ### Related Issue #494 ### Solution and Design Use `quote_ident()` SQL function over `constraint_name` in insert trigger function definition. ### Type - [x] Bug fix (non-breaking change which fixes an issue) 2018-09-20 18:24:20 +03:00			`#Create Company table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE "Company" (`
			`"id" SERIAL PRIMARY KEY,`
			`"name" TEXT`
			`)`
			`- type: track_table`
			`args:`
			`schema: public`
			`name: Company`

python based tests (#387) 2018-09-18 09:21:57 +03:00			`#Object relationship`
			`- type: create_object_relationship`
			`args:`
			`table: article`
			`name: author`
			`using:`
			`foreign_key_constraint_on: author_id`

			`#Array relationship`
			`- type: create_array_relationship`
			`args:`
			`table: author`
			`name: articles`
			`using:`
			`foreign_key_constraint_on:`
			`table: article`
			`column: author_id`

			`#Article select permission for user`
			`- type: create_select_permission`
			`args:`
			`table: article`
			`role: user`
			`permission:`
			`columns: '*'`
			`filter:`
			`$or:`
			`- author_id: X-HASURA-USER-ID`
			`- is_published: true`

allow session variables in operators which expect array input (#2475) 2019-07-10 13:19:58 +03:00			`#Article select permission for editor`
			`- type: create_select_permission`
			`args:`
			`table: article`
			`role: editor`
			`permission:`
			`columns: '*'`
			`filter:`
			`$or:`
			`- author_id:`
			`$in: X-Hasura-Allowed-User-Ids`
			`- is_published: true`

python based tests (#387) 2018-09-18 09:21:57 +03:00			`#Article insert permission for user`
			`- type: create_insert_permission`
			`args:`
			`table: article`
			`role: user`
			`permission:`
			`check:`
			`author_id: X-Hasura-User-Id`

allow session variables in operators which expect array input (#2475) 2019-07-10 13:19:58 +03:00			`#Article insert permission for editor`
			`#Editor can create articles for some of the users`
			`- type: create_insert_permission`
			`args:`
			`table: article`
			`role: editor`
			`permission:`
			`check:`
			`author_id:`
			`$in: X-Hasura-Allowed-User-Ids`

apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00			`#Article udpate permission for user`
			`- type: create_update_permission`
			`args:`
			`table: article`
			`role: user`
			`permission:`
			`filter:`
			`author_id: X-Hasura-User-Id`
			`columns: '*'`

python based tests (#387) 2018-09-18 09:21:57 +03:00			`#Author select permission for user`
			`- type: create_select_permission`
			`args:`
			`table: author`
			`role: user`
			`permission:`
			`columns:`
			`- id`
			`- name`
			`- is_registered`
			`filter:`
			`id: X-HASURA-USER-ID`

apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00			`#Author insert and update permission for user`
python based tests (#387) 2018-09-18 09:21:57 +03:00			`#Only admin can set is_registered to true`
			`- type: create_insert_permission`
			`args:`
			`table: author`
			`role: user`
			`permission:`
			`check:`
			`$and:`
			`- id: X-HASURA-USER-ID`
			`- is_registered: false`
apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00
			`- type: create_update_permission`
			`args:`
			`table: author`
			`role: user`
			`permission:`
			`columns: '*'`
			`filter:`
			`$and:`
			`- id: X-HASURA-USER-ID`
			`- is_registered: false`
python based tests (#387) 2018-09-18 09:21:57 +03:00
allow _is_null operator for filter/check permissions (close #456) (#477) 2018-09-18 14:45:35 +03:00			`#Author insert permission for student`
			`#A Student should specify their Bio`
			`- type: create_insert_permission`
			`args:`
			`table: author`
			`role: student`
			`permission:`
			`check:`
			`bio:`
			`_is_null: false`
quote constraint name for non-admin inserts (fix #494) (#497) ### Description What component does this PR affect? - [x] Server ### Related Issue #494 ### Solution and Design Use `quote_ident()` SQL function over `constraint_name` in insert trigger function definition. ### Type - [x] Bug fix (non-breaking change which fixes an issue) 2018-09-20 18:24:20 +03:00
			`#Company insert permission for user`
			`- type: create_insert_permission`
			`args:`
			`table: Company`
			`role: user`
			`permission:`
			`check:`
			`id: X-HASURA-COMPANY-ID`
apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00
			`#Company update permission for user`
			`- type: create_update_permission`
			`args:`
			`table: Company`
			`role: user`
			`permission:`
			`filter:`
			`id: X-HASURA-COMPANY-ID`
			`columns: '*'`
quote constraint name for non-admin inserts (fix #494) (#497) ### Description What component does this PR affect? - [x] Server ### Related Issue #494 ### Solution and Design Use `quote_ident()` SQL function over `constraint_name` in insert trigger function definition. ### Type - [x] Bug fix (non-breaking change which fixes an issue) 2018-09-20 18:24:20 +03:00
			`#Company select permission for user`
			`- type: create_select_permission`
			`args:`
			`table: Company`
			`role: user`
			`permission:`
			`columns:`
			`- id`
			`- name`
			`filter:`
			`id: X-HASURA-COMPANY-ID`
optional 'set' field in insert permissions, closes #216 (#622) 2018-10-26 17:58:20 +03:00
			`#Create insert permission for user on resident`
			`- type: create_insert_permission`
			`args:`
			`table: resident`
			`role: user`
			`permission:`
			`check:`
			`id: X-Hasura-Resident-Id`
			`set:`
			`name: X-Hasura-Resident-Name`
			`is_user: true`

			`#Create select permission for user on resident`
			`- type: create_select_permission`
			`args:`
			`table: resident`
			`role: user`
			`permission:`
			`columns:`
			`- id`
			`- name`
			`- age`
			`- is_user`
			`filter:`
			`id: X-Hasura-Resident-Id`
allow specifying a list of columns that can be inserted (close #250) (#917) 2018-11-02 18:08:38 +03:00
			`#Create insert permission for infant on resident`
			`- type: create_insert_permission`
			`args:`
			`table: resident`
			`role: infant`
			`permission:`
			`check:`
			`id: X-Hasura-Infant-Id`
			`set:`
			`name: X-Hasura-Infant-Name`
			`id: X-Hasura-Infant-Id`
			`columns:`
			`- age`

			`#Create select permission for infant on resident`
			`- type: create_select_permission`
			`args:`
			`table: resident`
			`role: infant`
			`permission:`
			`columns:`
			`- id`
			`- name`
			`- age`
			`- is_user`
			`filter:`
			`id: X-Hasura-Infant-Id`

apply update permissions for upsert mutations (#628) 2018-12-15 19:10:29 +03:00			`#Create permissions for resident role on resident table`
			`- type: create_insert_permission`
			`args:`
			`table: resident`
			`role: resident`
			`permission:`
			`check:`
			`id: X-Hasura-Resident-Id`

			`- type: create_update_permission`
			`args:`
			`table: resident`
			`role: resident`
			`permission:`
			`columns: '*'`
			`filter:`
			`id: X-Hasura-Resident-Id`
			`- type: create_select_permission`
			`args:`
			`table: resident`
			`role: resident`
			`permission:`
			`columns: '*'`
			`filter:`
			`id: X-Hasura-Resident-Id`

enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 13:36:42 +03:00
			`#Create blog table`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE blog (`
			`id serial primary key,`
			`title text not null,`
			`content text,`
			`author_id INTEGER REFERENCES author(id),`
			`last_updated timestamptz,`
			`updated_by INTEGER REFERENCES author(id)`
			`);`

			`- type: track_table`
			`args:`
			`name: blog`
			`schema: public`
run graphql tests on both http and websocket; add parallelism (close #1868) (#1921) Examples 1) ` pytest --hge-urls "http://127.0.0.1:8080" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests" -vv ` 2) `pytest --hge-urls "http://127.0.0.1:8080" "http://127.0.0.1:8081" --pg-urls "postgresql://admin@127.0.0.1:5432/hge_tests" "postgresql://admin@127.0.0.1:5432/hge_tests2" -vv ` ### Solution and Design <!-- How is this issue solved/fixed? What is the design? --> <!-- It's better if we elaborate --> #### Reducing execution time of tests - The Schema setup and teardown, which were earlier done per test method, usually takes around 1 sec. - For mutations, the model has now been changed to only do schema setup and teardown once per test class. - A data setup and teardown will be done once per test instead (usually takes ~10ms). - For the test class to get this behaviour, one can can extend the class `DefaultTestMutations`. - The function `dir()` should be define which returns the location of the configuration folder. - Inside the configuration folder, there should be - Files `<conf_dir>/schema_setup.yaml` and `<conf_dir>/schema_teardown.yaml`, which has the metadata query executed during schema setup and teardown respectively - Files named `<conf_dir>/values_setup.yaml` and `<conf_dir>/values_teardown.yaml`. These files are executed to setup and remove data from the tables respectively. #### Running Graphql queries on both http and websockets - Each GraphQL query/mutation is run on the both HTTP and websocket protocols - Pytests test parameterisation is used to achieve this - The errors over websockets are slightly different from that on HTTP - The code takes care of converting the errors in HTTP to errors in websockets #### Parallel executation of tests. - The plugin pytest-xdist helps in running tests on parallel workers. - We are using this plugin to group tests by file and run on different workers. - Parallel test worker processes operate on separate postgres databases(and separate graphql-engines connected to these databases). Thus tests on one worker will not affect the tests on the other worker. - With two workers, this decreases execution times by half, as the tests on event triggers usually takes a long time, but does not consume much CPU. 2019-04-08 10:22:38 +03:00
enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 13:36:42 +03:00			`- type: create_select_permission`
			`args:`
			`table: blog`
			`role: user`
			`permission:`
			`columns: '*'`
			`filter:`
			`author_id: X-Hasura-User-Id`

			`- type: create_insert_permission`
			`args:`
			`table: blog`
			`role: user`
			`permission:`
			`check: {}`

			`- type: create_update_permission`
			`args:`
			`table: blog`
			`role: user`
			`permission:`
			`columns:`
			`- title`
			`- content`
			`filter: {}`
			`set:`
			`last_updated: 'NOW()'`
			`updated_by: X-Hasura-User-Id`

allow session variables in operators which expect array input (#2475) 2019-07-10 13:19:58 +03:00			`- type: run_sql`
			`args:`
			`sql: \|`
			`CREATE TABLE computer (`
			`id SERIAL PRIMARY KEY,`
			`name TEXT NOT NULL,`
			`spec JSONB NOT NULL`
			`);`

			`- type: track_table`
			`args:`
			`name: computer`
			`schema: public`

			`- type: create_insert_permission`
			`args:`
			`table: computer`
			`role: seller`
			`permission:`
			`check:`
			`spec:`
			`_has_keys_all: X-Hasura-Spec-Required-Keys`
			`columns: '*'`

			`- type: create_insert_permission`
			`args:`
			`table: computer`
			`role: developer`
			`permission:`
			`check:`
			`spec:`
			`_has_keys_any: X-Hasura-Spec-Keys`
			`columns: '*'`
enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 13:36:42 +03:00
allow session variables in operators which expect array input (#2475) 2019-07-10 13:19:58 +03:00			`- type: create_select_permission`
			`args:`
			`table: computer`
			`role: seller`
			`permission:`
			`columns: '*'`
			`filter: {}`
enforce column presets of update permission with upserts (fix #1647) (#1653) 2019-02-23 13:36:42 +03:00
allow session variables in operators which expect array input (#2475) 2019-07-10 13:19:58 +03:00			`- type: create_select_permission`
			`args:`
			`table: computer`
			`role: developer`
			`permission:`
			`columns: '*'`
			`filter: {}`
allow creating permissions with conditions spanning tables (close #2512) (#2701) 2019-09-05 10:34:53 +03:00
			`# Tables to test '_exist' field`
			`- type: run_sql`
			`args:`
			`sql: \|`
			`create table "user" (`
			`id serial primary key,`
			`name text not null unique,`
			`is_admin boolean default false`
			`);`

			`create table account (`
			`id serial primary key,`
			`account_no integer not null`
			`);`

			`- type: track_table`
			`args:`
			`name: user`
			`schema: public`

			`- type: track_table`
			`args:`
			`name: account`
			`schema: public`

			`- type: create_insert_permission`
			`args:`
			`table: account`
			`role: user`
			`permission:`
			`columns:`
			`- account_no`
			`check:`
			`_exists:`
			`_table: user`
			`_where:`
			`id: X-Hasura-User-Id`
			`is_admin: true`