graphql-engine/server/src-lib/Hasura/Server/API/Config.hs

-- | API related to server configuration
module Hasura.Server.API.Config
-- required by pro
  ( ServerConfig (..),
    runGetConfig,
  )
where

import Data.Aeson.TH
import Data.HashSet qualified as Set
import Hasura.GraphQL.Execute.LiveQuery.Options qualified as LQ
import Hasura.Prelude
import Hasura.RQL.Types
  ( FunctionPermissionsCtx,
    RemoteSchemaPermsCtx,
  )
import Hasura.Server.Auth
import Hasura.Server.Auth.JWT
import Hasura.Server.Types (ExperimentalFeature)
import Hasura.Server.Version (Version, currentVersion)

data JWTInfo = JWTInfo
  { jwtiClaimsNamespace :: !JWTNamespace,
    jwtiClaimsFormat :: !JWTClaimsFormat,
    jwtiClaimsMap :: !(Maybe JWTCustomClaimsMap)
  }
  deriving (Show, Eq)

$(deriveToJSON hasuraJSON ''JWTInfo)

data ServerConfig = ServerConfig
  { scfgVersion :: !Version,
    scfgIsFunctionPermissionsInferred :: !FunctionPermissionsCtx,
    scfgIsRemoteSchemaPermissionsEnabled :: !RemoteSchemaPermsCtx,
    scfgIsAdminSecretSet :: !Bool,
    scfgIsAuthHookSet :: !Bool,
    scfgIsJwtSet :: !Bool,
    scfgJwt :: ![JWTInfo],
    scfgIsAllowListEnabled :: !Bool,
    scfgLiveQueries :: !LQ.LiveQueriesOptions,
    scfgConsoleAssetsDir :: !(Maybe Text),
    scfgExperimentalFeatures :: !(Set.HashSet ExperimentalFeature)
  }
  deriving (Show, Eq)

$(deriveToJSON hasuraJSON ''ServerConfig)

runGetConfig ::
  FunctionPermissionsCtx ->
  RemoteSchemaPermsCtx ->
  AuthMode ->
  Bool ->
  LQ.LiveQueriesOptions ->
  Maybe Text ->
  Set.HashSet ExperimentalFeature ->
  ServerConfig
runGetConfig
  functionPermsCtx
  remoteSchemaPermsCtx
  am
  isAllowListEnabled
  liveQueryOpts
  consoleAssetsDir
  experimentalFeatures =
    ServerConfig
      currentVersion
      functionPermsCtx
      remoteSchemaPermsCtx
      (isAdminSecretSet am)
      (isAuthHookSet am)
      (isJWTSet am)
      (getJWTInfo am)
      isAllowListEnabled
      liveQueryOpts
      consoleAssetsDir
      experimentalFeatures

isAdminSecretSet :: AuthMode -> Bool
isAdminSecretSet = \case
  AMNoAuth -> False
  _ -> True

isAuthHookSet :: AuthMode -> Bool
isAuthHookSet = \case
  AMAdminSecretAndHook _ _ -> True
  _ -> False

isJWTSet :: AuthMode -> Bool
isJWTSet = \case
  AMAdminSecretAndJWT {} -> True
  _ -> False

getJWTInfo :: AuthMode -> [JWTInfo]
getJWTInfo (AMAdminSecretAndJWT _ jwtCtxs _) =
  let f jwtCtx = case jcxClaims jwtCtx of
        JCNamespace namespace claimsFormat ->
          JWTInfo namespace claimsFormat Nothing
        JCMap claimsMap ->
          JWTInfo (ClaimNs defaultClaimsNamespace) defaultClaimsFormat $ Just claimsMap
   in fmap f jwtCtxs
getJWTInfo _ = mempty
improve debug information in actions errors response (close #4031) (#4432) * config options for internal errors for non-admin role, close #4031 More detailed action debug info is added in response 'internal' field * add docs * update CHANGELOG.md * set admin graphql errors option in ci tests, minor changes to docs * fix tests Don't use any auth for sync actions error tests. The request body changes based on auth type in session_variables (x-hasura-auth-mode) * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * use a new sum type to represent the inclusion of internal errors As suggested in review by @0x777 -> Move around few modules in to specific API folder -> Saperate types from Init.hs * fix tests Don't use any auth for sync actions error tests. The request body changes based on auth type in session_variables (x-hasura-auth-mode) * move 'HttpResponse' to 'Hasura.HTTP' module * update change log with breaking change warning * Update CHANGELOG.md Co-authored-by: Marion Schleifer <marion@hasura.io> Co-authored-by: Tirumarai Selvan <tiru@hasura.io> 2020-04-24 10:55:51 +03:00			`-- \| API related to server configuration`
server: changes catalog initialization and logging for pro customization (#5139) * new typeclass to abstract the logic of QueryLog-ing * abstract the logic of logging websocket-server logs introduce a MonadWSLog typeclass * move catalog initialization to init step expose a helper function to migrate catalog create schema cache in initialiseCtx * expose various modules and functions for pro 2020-06-19 09:42:32 +03:00			`module Hasura.Server.API.Config`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`-- required by pro`
			`( ServerConfig (..),`
			`runGetConfig,`
			`)`
			`where`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`import Data.Aeson.TH`
			`import Data.HashSet qualified as Set`
			`import Hasura.GraphQL.Execute.LiveQuery.Options qualified as LQ`
			`import Hasura.Prelude`
			`import Hasura.RQL.Types`
			`( FunctionPermissionsCtx,`
			`RemoteSchemaPermsCtx,`
			`)`
			`import Hasura.Server.Auth`
			`import Hasura.Server.Auth.JWT`
			`import Hasura.Server.Types (ExperimentalFeature)`
server: drop HasVersion implicit parameter (closes #2236) The only real use was for the dubious multitenant option --consoleAssetsVersion, which actually overrode not just the assets version. I.e., as far as I can tell, if you pass --consoleAssetsVersion to multitenant, that version will also make it into e.g. HTTP client user agent headers as the proper graphql-engine version. I'm dropping that option, since it seems unused in production and I don't want to go to the effort of fixing it, but am happy to look into that if folks feels strongly that it should be kept. (Reason for attacking this is that I was looking into http client things around blacklisting, and the versioning thing is a bit painful around http client headers.) PR-URL: https://github.com/hasura/graphql-engine-mono/pull/2458 GitOrigin-RevId: a02b05557124bdba9f65e96b3aa2746aeee03f4a 2021-10-13 19:38:56 +03:00			`import Hasura.Server.Version (Version, currentVersion)`
server: simplify JSON instances GITHUB_PR_NUMBER: 6152 GITHUB_PR_URL: https://github.com/hasura/graphql-engine/pull/6152 Co-authored-by: Antoine Leblanc <1618949+nicuveo@users.noreply.github.com> GitOrigin-RevId: 6c94aef8c57e852b3d41b8355c09e64fce756a7c 2021-01-19 22:14:42 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`data JWTInfo = JWTInfo`
			`{ jwtiClaimsNamespace :: !JWTNamespace,`
			`jwtiClaimsFormat :: !JWTClaimsFormat,`
			`jwtiClaimsMap :: !(Maybe JWTCustomClaimsMap)`
			`}`
			`deriving (Show, Eq)`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
server: simplify JSON instances GITHUB_PR_NUMBER: 6152 GITHUB_PR_URL: https://github.com/hasura/graphql-engine/pull/6152 Co-authored-by: Antoine Leblanc <1618949+nicuveo@users.noreply.github.com> GitOrigin-RevId: 6c94aef8c57e852b3d41b8355c09e64fce756a7c 2021-01-19 22:14:42 +03:00			`$(deriveToJSON hasuraJSON ''JWTInfo)`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`data ServerConfig = ServerConfig`
			`{ scfgVersion :: !Version,`
			`scfgIsFunctionPermissionsInferred :: !FunctionPermissionsCtx,`
			`scfgIsRemoteSchemaPermissionsEnabled :: !RemoteSchemaPermsCtx,`
			`scfgIsAdminSecretSet :: !Bool,`
			`scfgIsAuthHookSet :: !Bool,`
			`scfgIsJwtSet :: !Bool,`
Adding multiple jwt secrets (incorporating provenance requirements) PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3173 Co-authored-by: Solomon <24038+solomon-b@users.noreply.github.com> Co-authored-by: Daniel Chambers <1214352+daniel-chambers@users.noreply.github.com> GitOrigin-RevId: 395a5d5854896f866b612895d6f41e29376c2caa 2022-02-14 02:33:49 +03:00			`scfgJwt :: ![JWTInfo],`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`scfgIsAllowListEnabled :: !Bool,`
			`scfgLiveQueries :: !LQ.LiveQueriesOptions,`
			`scfgConsoleAssetsDir :: !(Maybe Text),`
			`scfgExperimentalFeatures :: !(Set.HashSet ExperimentalFeature)`
			`}`
			`deriving (Show, Eq)`

server: simplify JSON instances GITHUB_PR_NUMBER: 6152 GITHUB_PR_URL: https://github.com/hasura/graphql-engine/pull/6152 Co-authored-by: Antoine Leblanc <1618949+nicuveo@users.noreply.github.com> GitOrigin-RevId: 6c94aef8c57e852b3d41b8355c09e64fce756a7c 2021-01-19 22:14:42 +03:00			`$(deriveToJSON hasuraJSON ''ServerConfig)`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`runGetConfig ::`
			`FunctionPermissionsCtx ->`
			`RemoteSchemaPermsCtx ->`
			`AuthMode ->`
			`Bool ->`
			`LQ.LiveQueriesOptions ->`
			`Maybe Text ->`
			`Set.HashSet ExperimentalFeature ->`
			`ServerConfig`
server: add experimental features in the alpha config API GitOrigin-RevId: b4841e3dbea8340f8fad638359f3b1cb28188db6 2021-03-09 21:45:43 +03:00			`runGetConfig`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`functionPermsCtx`
			`remoteSchemaPermsCtx`
			`am`
			`isAllowListEnabled`
			`liveQueryOpts`
			`consoleAssetsDir`
			`experimentalFeatures =`
			`ServerConfig`
			`currentVersion`
			`functionPermsCtx`
			`remoteSchemaPermsCtx`
			`(isAdminSecretSet am)`
			`(isAuthHookSet am)`
			`(isJWTSet am)`
			`(getJWTInfo am)`
			`isAllowListEnabled`
			`liveQueryOpts`
			`consoleAssetsDir`
			`experimentalFeatures`
server: add more info about server to config api (#3412) Co-authored-by: Toan Nguyen <hgiasac@gmail.com> Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com> 2020-04-06 07:53:58 +03:00
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00			`isAdminSecretSet :: AuthMode -> Bool`
			`isAdminSecretSet = \case`
			`AMNoAuth -> False`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`_ -> True`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
			`isAuthHookSet :: AuthMode -> Bool`
			`isAuthHookSet = \case`
			`AMAdminSecretAndHook _ _ -> True`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`_ -> False`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
			`isJWTSet :: AuthMode -> Bool`
			`isJWTSet = \case`
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of this commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e 2021-09-24 01:56:37 +03:00			`AMAdminSecretAndJWT {} -> True`
			`_ -> False`
add api to get server config details (close #1831); add jwt-analyzer (close #1369) (#1925) 2019-06-11 16:29:03 +03:00
Adding multiple jwt secrets (incorporating provenance requirements) PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3173 Co-authored-by: Solomon <24038+solomon-b@users.noreply.github.com> Co-authored-by: Daniel Chambers <1214352+daniel-chambers@users.noreply.github.com> GitOrigin-RevId: 395a5d5854896f866b612895d6f41e29376c2caa 2022-02-14 02:33:49 +03:00			`getJWTInfo :: AuthMode -> [JWTInfo]`
			`getJWTInfo (AMAdminSecretAndJWT _ jwtCtxs _) =`
			`let f jwtCtx = case jcxClaims jwtCtx of`
			`JCNamespace namespace claimsFormat ->`
			`JWTInfo namespace claimsFormat Nothing`
			`JCMap claimsMap ->`
			`JWTInfo (ClaimNs defaultClaimsNamespace) defaultClaimsFormat $ Just claimsMap`
			`in fmap f jwtCtxs`
			`getJWTInfo _ = mempty`