hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-16 09:51:59 +03:00
Code Issues Projects Releases Wiki Activity
e61f163d4f
graphql-engine/server/src-lib/Hasura/RQL/DDL/Permission.hs

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

399 lines
15 KiB
Haskell
Raw Normal View History

Yeet some default-extensions Manually enables: * EmptyCase * ExistentialQuantification * QuantifiedConstraints * QuasiQuotes * TemplateHaskell * TypeFamilyDependencies ...in the following components: * 'graphql-engine' library * 'graphql-engine' 'src-test' * 'graphql-engine' 'tests/integration' * 'graphql-engine' tests-hspec' Additionally, performs some light refactoring and documentation. PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3991 GitOrigin-RevId: 514477d3466b01f60eca8935d0fef60dd0756838
2022-03-16 03:39:21 +03:00
{-# LANGUAGE TypeFamilyDependencies #-}
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
module Hasura.RQL.DDL.Permission
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
( CreatePerm,
runCreatePerm,
PermDef (..),
InsPerm (..),
InsPermDef,
buildInsPermInfo,
SelPerm (..),
SelPermDef,
buildSelPermInfo,
UpdPerm (..),
UpdPermDef,
buildUpdPermInfo,
DelPerm (..),
DelPermDef,
buildDelPermInfo,
DropPerm,
runDropPerm,
dropPermissionInMetadata,
SetPermComment (..),
runSetPermComment,
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
PermInfo,
buildPermInfo,
addPermissionToMetadata,
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
)
where
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
import Control.Lens (Lens', (.~), (^?))
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
import Data.Aeson
import Data.HashMap.Strict qualified as HM
import Data.HashMap.Strict.InsOrd qualified as OMap
import Data.HashSet qualified as HS
import Data.Text.Extended
import Hasura.Base.Error
import Hasura.EncJSON
import Hasura.Prelude
import Hasura.RQL.DDL.Permission.Internal
server: add explicit export lists in OSS server and enforce with warning We'll see if this improves compile times at all, but I think it's worth doing as at least the most minimal form of module documentation. This was accomplished by first compiling everything with -ddump-minimal-imports, and then a bunch of scripting (with help from ormolu) **EDIT** it doesn't seem to improve CI compile times but the noise floor is high as it looks like we're not caching library dependencies anymore PR-URL: https://github.com/hasura/graphql-engine-mono/pull/2730 GitOrigin-RevId: 667eb8de1e0f1af70420cbec90402922b8b84cb4
2021-11-04 19:08:33 +03:00
import Hasura.RQL.DML.Internal
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
import Hasura.RQL.Types
import Hasura.SQL.AnyBackend qualified as AB
import Hasura.SQL.Types
import Hasura.Session
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
backend only insert permissions (rfc #4120) (#4224) * move user info related code to Hasura.User module * the RFC #4120 implementation; insert permissions with admin secret * revert back to old RoleName based schema maps An attempt made to avoid duplication of schema contexts in types if any role doesn't possess any admin secret specific schema * fix compile errors in haskell test * keep 'user_vars' for session variables in http-logs * no-op refacto * tests for admin only inserts * update docs for admin only inserts * updated CHANGELOG.md * default behaviour when admin secret is not set * fix x-hasura-role to X-Hasura-Role in pytests * introduce effective timeout in actions async tests * update docs for admin-secret not configured case * Update docs/graphql/manual/api-reference/schema-metadata-api/permission.rst Co-Authored-By: Marion Schleifer <marion@hasura.io> * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * a complete iteration backend insert permissions accessable via 'x-hasura-backend-privilege' session variable * console changes for backend-only permissions * provide tooltip id; update labels and tooltips; * requested changes * requested changes - remove className from Toggle component - use appropriate function name (capitalizeFirstChar -> capitalize) * use toggle props from definitelyTyped * fix accidental commit * Revert "introduce effective timeout in actions async tests" This reverts commit b7a59c19d643520cfde6af579889e1038038438a. * generate complete schema for both 'default' and 'backend' sessions * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * remove unnecessary import, export Toggle as is * update session variable in tooltip * 'x-hasura-use-backend-only-permissions' variable to switch * update help texts * update docs * update docs * update console help text * regenerate package-lock * serve no backend schema when backend_only: false and header set to true - Few type name refactor as suggested by @0x777 * update CHANGELOG.md * Update CHANGELOG.md * Update CHANGELOG.md * fix a merge bug where a certain entity didn't get removed Co-authored-by: Marion Schleifer <marion@hasura.io> Co-authored-by: Rishichandra Wawhal <rishi@hasura.io> Co-authored-by: rikinsk <rikin.kachhia@gmail.com> Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 12:10:53 +03:00
{- Note [Backend only permissions]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
As of writing this note, Hasura permission system is meant to be used by the
frontend. After introducing "Actions", the webhook handlers now can make GraphQL
mutations to the server with some backend logic. These mutations shouldn't be
exposed to frontend for any user since they'll bypass the business logic.
For example:-
We've a table named "user" and it has a "email" column. We need to validate the
email address. So we define an action "create_user" and it expects the same inputs
as "insert_user" mutation (generated by Hasura). Now, a role has permission for both
actions and insert operation on the table. If the insert permission is not marked
as "backend_only: true" then it visible to the frontend client along with "creat_user".
Backend only permissions adds an additional privilege to Hasura generated operations.
Those are accessable only if the request is made with `x-hasura-admin-secret`
(if authorization is configured), `x-hasura-use-backend-only-permissions`
(value must be set to "true"), `x-hasura-role` to identify the role and other
required session variables.
backend_only `x-hasura-admin-secret` `x-hasura-use-backend-only-permissions` Result
------------ --------------------- ------------------------------------- ------
FALSE ANY ANY Mutation is always visible
TRUE FALSE ANY Mutation is always hidden
TRUE TRUE (OR NOT-SET) FALSE Mutation is hidden
TRUE TRUE (OR NOT-SET) TRUE Mutation is shown
-}
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
procSetObj ::
forall b m.
(QErrM m, BackendMetadata b) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
Maybe (ColumnValues b Value) ->
m (PreSetColsPartial b, [Text], [SchemaDependency])
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
procSetObj source tn fieldInfoMap mObj = do
allow altering type of a column whose permissions defined only with session variables (close #2070) (#2683) * allow altering type of a column iff session vars are defined in permissions * use a sum type to define dependency reason * set jwt expiry test's expiry time to 4 seconds * derive Data instance for necessary types to simplify 'hasStaticExp'
2019-08-17 00:35:22 +03:00
(setColTups, deps) <- withPathK "set" $
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
fmap unzip $
forM (HM.toList setObj) $ \(pgCol, val) -> do
ty <-
askColumnType fieldInfoMap pgCol $
"column " <> pgCol <<> " not found in table " <>> tn
sqlExp <- parseCollectableType (CollectableTypeScalar ty) val
let dep = mkColDep @b (getDepReason sqlExp) source tn pgCol
return ((pgCol, sqlExp), dep)
allow altering type of a column whose permissions defined only with session variables (close #2070) (#2683) * allow altering type of a column iff session vars are defined in permissions * use a sum type to define dependency reason * set jwt expiry test's expiry time to 4 seconds * derive Data instance for necessary types to simplify 'hasStaticExp'
2019-08-17 00:35:22 +03:00
return (HM.fromList setColTups, depHeaders, deps)
support column presets in update mutation (closes #1449, closes #1464) (#1473) Also restricts altering type of columns which are used in presets
2019-02-11 15:45:30 +03:00
where
setObj = fromMaybe mempty mObj
server: generalize schema cache building (#496) Co-authored-by: Vamshi Surabhi <vamshi@hasura.io> Co-authored-by: Vladimir Ciobanu <admin@cvlad.info> Co-authored-by: Antoine Leblanc <antoine@hasura.io> Co-authored-by: Stylish Haskell Bot <stylish-haskell@users.noreply.github.com> GitOrigin-RevId: 9d631878037637f3ed2994b5d0525efd978f7b8f
2021-02-14 09:07:52 +03:00
depHeaders = getDepHeadersFromVal $ Object $ mapKeys toTxt setObj
support column presets in update mutation (closes #1449, closes #1464) (#1473) Also restricts altering type of columns which are used in presets
2019-02-11 15:45:30 +03:00
allow altering type of a column whose permissions defined only with session variables (close #2070) (#2683) * allow altering type of a column iff session vars are defined in permissions * use a sum type to define dependency reason * set jwt expiry test's expiry time to 4 seconds * derive Data instance for necessary types to simplify 'hasStaticExp'
2019-08-17 00:35:22 +03:00
getDepReason = bool DRSessionVariable DROnType . isStaticValue
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
type family PermInfo perm where
PermInfo SelPerm = SelPermInfo
PermInfo InsPerm = InsPermInfo
PermInfo UpdPerm = UpdPermInfo
PermInfo DelPerm = DelPermInfo
addPermissionToMetadata ::
PermDef b a ->
TableMetadata b ->
TableMetadata b
addPermissionToMetadata permDef = case _pdPermission permDef of
InsPerm' _ -> tmInsertPermissions %~ OMap.insert (_pdRole permDef) permDef
SelPerm' _ -> tmSelectPermissions %~ OMap.insert (_pdRole permDef) permDef
UpdPerm' _ -> tmUpdatePermissions %~ OMap.insert (_pdRole permDef) permDef
DelPerm' _ -> tmDeletePermissions %~ OMap.insert (_pdRole permDef) permDef
buildPermInfo ::
(BackendMetadata b, QErrM m, TableCoreInfoRM b m) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
PermDefPermission b perm ->
m (WithDeps (PermInfo perm b))
buildPermInfo x1 x2 x3 = \case
SelPerm' p -> buildSelPermInfo x1 x2 x3 p
InsPerm' p -> buildInsPermInfo x1 x2 x3 p
UpdPerm' p -> buildUpdPermInfo x1 x2 x3 p
DelPerm' p -> buildDelPermInfo x1 x2 x3 p
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
doesPermissionExistInMetadata ::
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
forall b.
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
TableMetadata b ->
RoleName ->
PermType ->
Bool
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
doesPermissionExistInMetadata tableMetadata roleName = \case
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
PTInsert -> hasPermissionTo tmInsertPermissions
PTSelect -> hasPermissionTo tmSelectPermissions
PTUpdate -> hasPermissionTo tmUpdatePermissions
PTDelete -> hasPermissionTo tmDeletePermissions
where
hasPermissionTo :: forall a. Lens' (TableMetadata b) (Permissions a) -> Bool
hasPermissionTo perms = isJust $ tableMetadata ^? perms . ix roleName
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
runCreatePerm ::
forall m b a.
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
(UserInfoM m, CacheRWM m, MonadError QErr m, MetadataM m, BackendMetadata b) =>
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
CreatePerm a b ->
m EncJSON
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
runCreatePerm (CreatePerm (WithTable source tableName permissionDefn)) = do
tableMetadata <- askTableMetadata @b source tableName
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
let permissionType = reflectPermDefPermission (_pdPermission permissionDefn)
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
ptText = permTypeToCode permissionType
role = _pdRole permissionDefn
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
metadataObject =
MOSourceObjId source $
AB.mkAnyBackend $
SMOTableObj @b tableName $
MTOPerm role permissionType
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
-- NOTE: we check if a permission exists for a `(table, role)` entity in the metadata
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
-- and not in the `RolePermInfoMap b` because there may exist a permission for the `role`
-- which is an inherited one, so we check it in the metadata directly
-- The metadata will not contain the permissions for the admin role,
-- because the graphql-engine automatically creates the role and it's
-- assumed that the admin role is an implicit role of the graphql-engine.
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
when (doesPermissionExistInMetadata tableMetadata role permissionType || role == adminRoleName) $
throw400 AlreadyExists $
ptText <> " permission already defined on table " <> tableName <<> " with role " <>> role
buildSchemaCacheFor metadataObject $
MetadataModifier $
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
tableMetadataSetter @b source tableName %~ addPermissionToMetadata permissionDefn
Merge oss/master onto mono/main GitOrigin-RevId: 1c8c4d60e033c8a0bc8b2beed24c5bceb7d4bcc8
2020-11-12 12:25:48 +03:00
pure successMsg
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
runDropPerm ::
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
forall b m.
(UserInfoM m, CacheRWM m, MonadError QErr m, MetadataM m, BackendMetadata b) =>
PermType ->
DropPerm b ->
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
m EncJSON
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
runDropPerm permType (DropPerm source table role) = do
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
tableMetadata <- askTableMetadata @b source table
unless (doesPermissionExistInMetadata tableMetadata role permType) $ do
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
let errMsg =
mconcat
[ permTypeToCode permType <> " permission on " <>> table,
" for role " <>> role,
" does not exist"
]
server: inherited roles improvements for select permissions only https://github.com/hasura/graphql-engine-mono/pull/1539 GitOrigin-RevId: 7444973e9cc7e0598eeb1bd7951ad45dd37ec550
2021-07-17 00:18:58 +03:00
throw400 PermissionDenied errMsg
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
withNewInconsistentObjsCheck $
buildSchemaCache $
MetadataModifier $
tableMetadataSetter @b source table %~ dropPermissionInMetadata role permType
Merge oss/master onto mono/main GitOrigin-RevId: 1c8c4d60e033c8a0bc8b2beed24c5bceb7d4bcc8
2020-11-12 12:25:48 +03:00
return successMsg
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
buildInsPermInfo ::
forall b m.
(QErrM m, TableCoreInfoRM b m, BackendMetadata b) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
InsPerm b ->
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
m (WithDeps (InsPermInfo b))
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
buildInsPermInfo source tn fieldInfoMap (InsPerm checkCond set mCols mBackendOnly) =
multiplexed subscriptions (#1934) * add types to represent unparsed http gql requests This will help when we add caching of frequently used ASTs * query plan caching * move livequery to execute * add multiplexed module * session variable can be customised depending on the context Previously the value was always "current_setting('hasura.user')" * get rid of typemap requirement in reusable plan * subscriptions are multiplexed when possible * use lazytx for introspection to avoid acquiring a pg connection * refactor to make execute a completely decoupled module * don't issue a transaction for a query * don't use current setting for explained sql * move postgres related types to a different module * validate variableValues on postgres before multiplexing subs * don't user current_setting for queries over ws * plan_cache is only visible when developer flag is enabled * introduce 'batch size' when multiplexing subscriptions * bump stackage to 13.16 * fix schema_stitching test case error code * store hashes instead of actual responses for subscriptions * internal api to dump subscriptions state * remove PlanCache from SchemaCacheRef * allow live query options to be configured on server startup * capture metrics for multiplexed subscriptions * more metrics captured for multiplexed subs * switch to tvar based hashmap for faster snapshotting * livequery modules do not expose internal details * fix typo in live query env vars * switch to hasura's pg-client-hs
2019-04-17 12:48:41 +03:00
withPathK "permission" $ do
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
(be, beDeps) <- withPathK "check" $ procBoolExp source tn fieldInfoMap checkCond
(setColsSQL, setHdrs, setColDeps) <- procSetObj source tn fieldInfoMap set
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
void $
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
withPathK "columns" $ do
indexedForM insCols $ \col -> do
-- Check that all columns specified do in fact exist and are columns
_ <- askColumnType fieldInfoMap col relInInsErr
-- Check that the column is insertable
ci <- askColInfo fieldInfoMap col ""
server: cleanup references to "pgCol" in common and non-postgres backend code PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3393 GitOrigin-RevId: b45cd83f7c3fbc1656011ee888968743b0bbb736
2022-01-19 11:37:50 +03:00
unless (_cmIsInsertable $ ciMutability ci) $
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
throw500
( "Column " <> col
<<> " is not insertable and so cannot have insert permissions defined"
)
Add check expresion to update permissions (close #384) (#3804) * Add check expresion to update permissions (close #384) * wip on conflict behavior * Handle upserts for views properly * Use insert check if there is no update check * Fix the test * Improve error message slightly Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-02-13 10:38:49 +03:00
let fltrHeaders = getDependentHeaders checkCond
server: inherited roles for mutations, remote schemas, actions and custom functions https://github.com/hasura/graphql-engine-mono/pull/1715 GitOrigin-RevId: 4818292cff8c3a5b264968e7032887a1e98b6f79
2021-08-09 13:20:04 +03:00
reqHdrs = fltrHeaders `HS.union` (HS.fromList setHdrs)
server: switch to a sub-backend approach GitOrigin-RevId: 660126d5f65620fb58a3ffcbed564e9e35f59938
2021-04-22 00:44:37 +03:00
insColDeps = map (mkColDep @b DRUntyped source tn) insCols
deps = mkParentDep @b source tn : beDeps ++ setColDeps ++ insColDeps
Use fine(er)-grained dependency tracking when building permissions This changes TableCoreCacheT to internally record dependencies at a per-table level. In practice, this dramatically improves the performance of building permissions: it makes it far, far less likely for permissions to be needlessly rebuilt because some unrelated table changed.
2019-12-15 19:07:08 +03:00
insColsWithoutPresets = insCols \\ HM.keys setColsSQL
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
backend only insert permissions (rfc #4120) (#4224) * move user info related code to Hasura.User module * the RFC #4120 implementation; insert permissions with admin secret * revert back to old RoleName based schema maps An attempt made to avoid duplication of schema contexts in types if any role doesn't possess any admin secret specific schema * fix compile errors in haskell test * keep 'user_vars' for session variables in http-logs * no-op refacto * tests for admin only inserts * update docs for admin only inserts * updated CHANGELOG.md * default behaviour when admin secret is not set * fix x-hasura-role to X-Hasura-Role in pytests * introduce effective timeout in actions async tests * update docs for admin-secret not configured case * Update docs/graphql/manual/api-reference/schema-metadata-api/permission.rst Co-Authored-By: Marion Schleifer <marion@hasura.io> * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * a complete iteration backend insert permissions accessable via 'x-hasura-backend-privilege' session variable * console changes for backend-only permissions * provide tooltip id; update labels and tooltips; * requested changes * requested changes - remove className from Toggle component - use appropriate function name (capitalizeFirstChar -> capitalize) * use toggle props from definitelyTyped * fix accidental commit * Revert "introduce effective timeout in actions async tests" This reverts commit b7a59c19d643520cfde6af579889e1038038438a. * generate complete schema for both 'default' and 'backend' sessions * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * remove unnecessary import, export Toggle as is * update session variable in tooltip * 'x-hasura-use-backend-only-permissions' variable to switch * update help texts * update docs * update docs * update console help text * regenerate package-lock * serve no backend schema when backend_only: false and header set to true - Few type name refactor as suggested by @0x777 * update CHANGELOG.md * Update CHANGELOG.md * Update CHANGELOG.md * fix a merge bug where a certain entity didn't get removed Co-authored-by: Marion Schleifer <marion@hasura.io> Co-authored-by: Rishichandra Wawhal <rishi@hasura.io> Co-authored-by: rikinsk <rikin.kachhia@gmail.com> Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 12:10:53 +03:00
return (InsPermInfo (HS.fromList insColsWithoutPresets) be setColsSQL backendOnly reqHdrs, deps)
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
where
server: make more use of hlint (#6059) https://github.com/hasura/graphql-engine/pull/6059
2020-10-28 19:40:33 +03:00
backendOnly = Just True == mBackendOnly
Replace "identity column" with "column mutability" data for all backends PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3373 GitOrigin-RevId: bf08cc9008a4b0b3ece4952528c15c45e57fc74c
2022-02-03 17:14:33 +03:00
allInsCols = map ciColumn $ filter (_cmIsInsertable . ciMutability) $ getCols fieldInfoMap
insCols = interpColSpec allInsCols (fromMaybe PCStar mCols)
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
relInInsErr = "Only table columns can have insert permissions defined, not relationships or other field types"
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
buildSelPermInfo ::
forall b m.
(QErrM m, TableCoreInfoRM b m, BackendMetadata b) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
SelPerm b ->
m (WithDeps (SelPermInfo b))
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
buildSelPermInfo source tn fieldInfoMap sp = withPathK "permission" $ do
Replace "identity column" with "column mutability" data for all backends PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3373 GitOrigin-RevId: bf08cc9008a4b0b3ece4952528c15c45e57fc74c
2022-02-03 17:14:33 +03:00
let pgCols = interpColSpec (map ciColumn $ (getCols fieldInfoMap)) $ spColumns sp
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
(boolExp, boolExpDeps) <-
withPathK "filter" $
procBoolExp source tn fieldInfoMap $ spFilter sp
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
-- check if the columns exist
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
void $
withPathK "columns" $
indexedForM pgCols $ \pgCol ->
askColumnType fieldInfoMap pgCol autoInferredErr
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
support computed fields returning scalars or set of tables (close #1387) (#2917)
2019-10-18 11:29:47 +03:00
-- validate computed fields
computed fields in export/import metadata, other fixes (#3211)
2019-11-07 17:39:48 +03:00
scalarComputedFields <-
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
withPathK "computed_fields" $
indexedForM computedFields $ \fieldName -> do
computedFieldInfo <- askComputedFieldInfo fieldInfoMap fieldName
case _cfiReturnType computedFieldInfo of
CFRScalar _ -> pure fieldName
CFRSetofTable returnTable ->
throw400 NotSupported $
"select permissions on computed field " <> fieldName
<<> " are auto-derived from the permissions on its returning table "
<> returnTable
<<> " and cannot be specified manually"
let deps =
mkParentDep @b source tn :
boolExpDeps ++ map (mkColDep @b DRUntyped source tn) pgCols
++ map (mkComputedFieldDep @b DRUntyped source tn) scalarComputedFields
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
depHeaders = getDependentHeaders $ spFilter sp
add limit in select permission which overrides limit in query (close #178) (#237)
2018-08-06 15:15:08 +03:00
mLimit = spLimit sp
withPathK "limit" $ mapM_ onlyPositiveInt mLimit
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
let pgColsWithFilter = HM.fromList $ map (,Nothing) pgCols
[Preview] Inherited roles for postgres read queries fixes #3868 docker image - `hasura/graphql-engine:inherited-roles-preview-48b73a2de` Note: To be able to use the inherited roles feature, the graphql-engine should be started with the env variable `HASURA_GRAPHQL_EXPERIMENTAL_FEATURES` set to `inherited_roles`. Introduction ------------ This PR implements the idea of multiple roles as presented in this [paper](https://www.microsoft.com/en-us/research/wp-content/uploads/2016/02/FGALanguageICDE07.pdf). The multiple roles feature in this PR can be used via inherited roles. An inherited role is a role which can be created by combining multiple singular roles. For example, if there are two roles `author` and `editor` configured in the graphql-engine, then we can create a inherited role with the name of `combined_author_editor` role which will combine the select permissions of the `author` and `editor` roles and then make GraphQL queries using the `combined_author_editor`. How are select permissions of different roles are combined? ------------------------------------------------------------ A select permission includes 5 things: 1. Columns accessible to the role 2. Row selection filter 3. Limit 4. Allow aggregation 5. Scalar computed fields accessible to the role Suppose there are two roles, `role1` gives access to the `address` column with row filter `P1` and `role2` gives access to both the `address` and the `phone` column with row filter `P2` and we create a new role `combined_roles` which combines `role1` and `role2`. Let's say the following GraphQL query is queried with the `combined_roles` role. ```graphql query { employees { address phone } } ``` This will translate to the following SQL query: ```sql select (case when (P1 or P2) then address else null end) as address, (case when P2 then phone else null end) as phone from employee where (P1 or P2) ``` The other parameters of the select permission will be combined in the following manner: 1. Limit - Minimum of the limits will be the limit of the inherited role 2. Allow aggregations - If any of the role allows aggregation, then the inherited role will allow aggregation 3. Scalar computed fields - same as table column fields, as in the above example APIs for inherited roles: ---------------------- 1. `add_inherited_role` `add_inherited_role` is the [metadata API](https://hasura.io/docs/1.0/graphql/core/api-reference/index.html#schema-metadata-api) to create a new inherited role. It accepts two arguments `role_name`: the name of the inherited role to be added (String) `role_set`: list of roles that need to be combined (Array of Strings) Example: ```json { "type": "add_inherited_role", "args": { "role_name":"combined_user", "role_set":[ "user", "user1" ] } } ``` After adding the inherited role, the inherited role can be used like single roles like earlier Note: An inherited role can only be created with non-inherited/singular roles. 2. `drop_inherited_role` The `drop_inherited_role` API accepts the name of the inherited role and drops it from the metadata. It accepts a single argument: `role_name`: name of the inherited role to be dropped Example: ```json { "type": "drop_inherited_role", "args": { "role_name":"combined_user" } } ``` Metadata --------- The derived roles metadata will be included under the `experimental_features` key while exporting the metadata. ```json { "experimental_features": { "derived_roles": [ { "role_name": "manager_is_employee_too", "role_set": [ "employee", "manager" ] } ] } } ``` Scope ------ Only postgres queries and subscriptions are supported in this PR. Important points: ----------------- 1. All columns exposed to an inherited role will be marked as `nullable`, this is done so that cell value nullification can be done. TODOs ------- - [ ] Tests - [ ] Test a GraphQL query running with a inherited role without enabling inherited roles in experimental features - [] Tests for aggregate queries, limit, computed fields, functions, subscriptions (?) - [ ] Introspection test with a inherited role (nullability changes in a inherited role) - [ ] Docs - [ ] Changelog Co-authored-by: Vamshi Surabhi <6562944+0x777@users.noreply.github.com> GitOrigin-RevId: 3b8ee1e11f5ceca80fe294f8c074d42fbccfec63
2021-03-08 14:14:13 +03:00
scalarComputedFieldsWithFilter = HS.toMap (HS.fromList scalarComputedFields) $> Nothing
let selPermInfo =
SelPermInfo pgColsWithFilter scalarComputedFieldsWithFilter boolExp mLimit allowAgg depHeaders
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
return (selPermInfo, deps)
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
where
support computed fields returning scalars or set of tables (close #1387) (#2917)
2019-10-18 11:29:47 +03:00
allowAgg = spAllowAggregations sp
computedFields = spComputedFields sp
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
autoInferredErr = "permissions for relationships are automatically inferred"
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
buildUpdPermInfo ::
forall b m.
(QErrM m, TableCoreInfoRM b m, BackendMetadata b) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
UpdPerm b ->
m (WithDeps (UpdPermInfo b))
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
buildUpdPermInfo source tn fieldInfoMap (UpdPerm colSpec set fltr check) = do
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
(be, beDeps) <-
withPathK "filter" $
procBoolExp source tn fieldInfoMap fltr
backend only insert permissions (rfc #4120) (#4224) * move user info related code to Hasura.User module * the RFC #4120 implementation; insert permissions with admin secret * revert back to old RoleName based schema maps An attempt made to avoid duplication of schema contexts in types if any role doesn't possess any admin secret specific schema * fix compile errors in haskell test * keep 'user_vars' for session variables in http-logs * no-op refacto * tests for admin only inserts * update docs for admin only inserts * updated CHANGELOG.md * default behaviour when admin secret is not set * fix x-hasura-role to X-Hasura-Role in pytests * introduce effective timeout in actions async tests * update docs for admin-secret not configured case * Update docs/graphql/manual/api-reference/schema-metadata-api/permission.rst Co-Authored-By: Marion Schleifer <marion@hasura.io> * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * a complete iteration backend insert permissions accessable via 'x-hasura-backend-privilege' session variable * console changes for backend-only permissions * provide tooltip id; update labels and tooltips; * requested changes * requested changes - remove className from Toggle component - use appropriate function name (capitalizeFirstChar -> capitalize) * use toggle props from definitelyTyped * fix accidental commit * Revert "introduce effective timeout in actions async tests" This reverts commit b7a59c19d643520cfde6af579889e1038038438a. * generate complete schema for both 'default' and 'backend' sessions * Apply suggestions from code review Co-Authored-By: Marion Schleifer <marion@hasura.io> * remove unnecessary import, export Toggle as is * update session variable in tooltip * 'x-hasura-use-backend-only-permissions' variable to switch * update help texts * update docs * update docs * update console help text * regenerate package-lock * serve no backend schema when backend_only: false and header set to true - Few type name refactor as suggested by @0x777 * update CHANGELOG.md * Update CHANGELOG.md * Update CHANGELOG.md * fix a merge bug where a certain entity didn't get removed Co-authored-by: Marion Schleifer <marion@hasura.io> Co-authored-by: Rishichandra Wawhal <rishi@hasura.io> Co-authored-by: rikinsk <rikin.kachhia@gmail.com> Co-authored-by: Tirumarai Selvan <tiru@hasura.io>
2020-04-24 12:10:53 +03:00
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
checkExpr <- traverse (withPathK "check" . procBoolExp source tn fieldInfoMap) check
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
(setColsSQL, setHeaders, setColDeps) <- procSetObj source tn fieldInfoMap set
support column presets in update mutation (closes #1449, closes #1464) (#1473) Also restricts altering type of columns which are used in presets
2019-02-11 15:45:30 +03:00
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
-- check if the columns exist
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
void $
withPathK "columns" $
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
indexedForM updCols $ \updCol -> do
-- Check that all columns specified do in fact exist and are columns
_ <- askColumnType fieldInfoMap updCol relInUpdErr
-- Check that the column is updatable
ci <- askColInfo fieldInfoMap updCol ""
server: cleanup references to "pgCol" in common and non-postgres backend code PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3393 GitOrigin-RevId: b45cd83f7c3fbc1656011ee888968743b0bbb736
2022-01-19 11:37:50 +03:00
unless (_cmIsUpdatable $ ciMutability ci) $
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
throw500
( "Column " <> updCol
<<> " is not updatable and so cannot have update permissions defined"
)
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
Replace "identity column" with "column mutability" data for all backends PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3373 GitOrigin-RevId: bf08cc9008a4b0b3ece4952528c15c45e57fc74c
2022-02-03 17:14:33 +03:00
let updColDeps = map (mkColDep @b DRUntyped source tn) allUpdCols
server: switch to a sub-backend approach GitOrigin-RevId: 660126d5f65620fb58a3ffcbed564e9e35f59938
2021-04-22 00:44:37 +03:00
deps = mkParentDep @b source tn : beDeps ++ maybe [] snd checkExpr ++ updColDeps ++ setColDeps
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
depHeaders = getDependentHeaders fltr
server: inherited roles for mutations, remote schemas, actions and custom functions https://github.com/hasura/graphql-engine-mono/pull/1715 GitOrigin-RevId: 4818292cff8c3a5b264968e7032887a1e98b6f79
2021-08-09 13:20:04 +03:00
reqHeaders = depHeaders `HS.union` (HS.fromList setHeaders)
support column presets in update mutation (closes #1449, closes #1464) (#1473) Also restricts altering type of columns which are used in presets
2019-02-11 15:45:30 +03:00
updColsWithoutPreSets = updCols \\ HM.keys setColsSQL
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
Add check expresion to update permissions (close #384) (#3804) * Add check expresion to update permissions (close #384) * wip on conflict behavior * Handle upserts for views properly * Use insert check if there is no update check * Fix the test * Improve error message slightly Co-authored-by: Vamshi Surabhi <0x777@users.noreply.github.com>
2020-02-13 10:38:49 +03:00
return (UpdPermInfo (HS.fromList updColsWithoutPreSets) tn be (fst <$> checkExpr) setColsSQL reqHeaders, deps)
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
where
Replace "identity column" with "column mutability" data for all backends PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3373 GitOrigin-RevId: bf08cc9008a4b0b3ece4952528c15c45e57fc74c
2022-02-03 17:14:33 +03:00
allUpdCols = map ciColumn $ filter (_cmIsUpdatable . ciMutability) $ getCols fieldInfoMap
updCols = interpColSpec allUpdCols colSpec
Produce errors if permissions are set on non-mutable columns PR-URL: https://github.com/hasura/graphql-engine-mono/pull/3195 GitOrigin-RevId: 1c1d326742fa626ad34241cb4e745ba168556bc2
2021-12-21 12:42:35 +03:00
relInUpdErr = "Only table columns can have update permissions defined, not relationships or other field types"
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
buildDelPermInfo ::
forall b m.
(QErrM m, TableCoreInfoRM b m, BackendMetadata b) =>
SourceName ->
TableName b ->
FieldInfoMap (FieldInfo b) ->
DelPerm b ->
m (WithDeps (DelPermInfo b))
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
buildDelPermInfo source tn fieldInfoMap (DelPerm fltr) = do
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
(be, beDeps) <-
withPathK "filter" $
procBoolExp source tn fieldInfoMap fltr
server: switch to a sub-backend approach GitOrigin-RevId: 660126d5f65620fb58a3ffcbed564e9e35f59938
2021-04-22 00:44:37 +03:00
let deps = mkParentDep @b source tn : beDeps
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
depHeaders = getDependentHeaders fltr
fix sql generation for boolean expressions, closes #853 (#1037) When using self referential relationships in boolean expressions, the exists clause incorrectly uses the table names to qualify columns which will be the same for parent table and the child table. This is now fixed by generating unique aliases as we traverse down the relationships.
2018-11-16 15:40:23 +03:00
return (DelPermInfo tn be depHeaders, deps)
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
data SetPermComment b = SetPermComment
{ apSource :: !SourceName,
apTable :: !(TableName b),
apRole :: !RoleName,
apPermission :: !PermType,
apComment :: !(Maybe Text)
Clean metadata arguments ## Description Thanks to #1664, the Metadata API types no longer require a `ToJSON` instance. This PR follows up with a cleanup of the types of the arguments to the metadata API: - whenever possible, it moves those argument types to where they're used (RQL.DDL.*) - it removes all unrequired instances (mostly `ToJSON`) This PR does not attempt to do it for _all_ such argument types. For some of the metadata operations, the type used to describe the argument to the API and used to represent the value in the metadata are one and the same (like for `CreateEndpoint`). Sometimes, the two types are intertwined in complex ways (`RemoteRelationship` and `RemoteRelationshipDef`). In the spirit of only doing uncontroversial cleaning work, this PR only moves types that are not used outside of RQL.DDL. Furthermore, this is a small step towards separating the different types all jumbled together in RQL.Types. ## Notes This PR also improves several `FromJSON` instances to make use of `withObject`, and to use a human readable string instead of a type name in error messages whenever possible. For instance: - before: `expected Object for Object, but encountered X` after: `expected Object for add computed field, but encountered X` - before: `Expecting an object for update query` after: `expected Object for update query, but encountered X` This PR also renames `CreateFunctionPermission` to `FunctionPermissionArgument`, to remove the quite surprising `type DropFunctionPermission = CreateFunctionPermission`. This PR also deletes some dead code, mostly in RQL.DML. This PR also moves a PG-specific source resolving function from DDL.Schema.Source to the only place where it is used: App.hs. https://github.com/hasura/graphql-engine-mono/pull/1844 GitOrigin-RevId: a594521194bb7fe6a111b02a9e099896f9fed59c
2021-07-27 13:41:42 +03:00
}
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server: add MSSQL support Co-authored-by: Rakesh Emmadi <12475069+rakeshkky@users.noreply.github.com> Co-authored-by: Antoine Leblanc <1618949+nicuveo@users.noreply.github.com> Co-authored-by: Vamshi Surabhi <6562944+0x777@users.noreply.github.com> Co-authored-by: Aravind K P <8335904+scriptonist@users.noreply.github.com> GitOrigin-RevId: 699c453b9692e1b822f393f23ff5e6db4e010d57
2021-02-23 20:37:27 +03:00
instance (Backend b) => FromJSON (SetPermComment b) where
Improve error messages of Metadata API. ### Description This PR improves error messages in our metadata API by displaying a message with the name of the failing command and a link to our documentation. Furthermore, it harmonizes our internal uses of `withObject`, to respect the convention of using the Haskell type name, now that the Aeson error message is displayed as an "internal error message". https://github.com/hasura/graphql-engine-mono/pull/1905 GitOrigin-RevId: e4064ba3290306437aa7e45faa316c60e51bc6b6
2021-09-20 22:49:33 +03:00
parseJSON = withObject "SetPermComment" $ \o ->
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
SetPermComment
<$> o .:? "source" .!= defaultSource
<*> o .: "table"
<*> o .: "role"
<*> o .: "permission"
<*> o .:? "comment"
move raven into graphql-engine repo
2018-06-27 16:11:32 +03:00
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
runSetPermComment ::
forall b m.
(QErrM m, CacheRWM m, MetadataM m, BackendMetadata b) =>
SetPermComment b ->
m EncJSON
runSetPermComment (SetPermComment source table roleName permType comment) = do
Remove all functions from `RQL.Types.hs` ## Description This small PR moves all functions in `RQL.Types.hs` to better locations. Most `askX` functions are moved alongside the `unsafe` functions they use. Several other functions are moved closer to their call site. `MetadataM` is moved alongside `Metadata`. This PR also documents the `ask` functions. PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4355 GitOrigin-RevId: 0498a7e8f98e7a94af911dd375cad84ace7ddffa
2022-04-26 18:12:47 +03:00
tableInfo <- askTableInfo @b source table
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
-- assert permission exists and return appropriate permission modifier
permModifier <- case permType of
PTInsert -> do
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
assertPermDefined roleName PTInsert tableInfo
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
pure $ tmInsertPermissions . ix roleName . pdComment .~ comment
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
PTSelect -> do
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
assertPermDefined roleName PTSelect tableInfo
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
pure $ tmSelectPermissions . ix roleName . pdComment .~ comment
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
PTUpdate -> do
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
assertPermDefined roleName PTUpdate tableInfo
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
pure $ tmUpdatePermissions . ix roleName . pdComment .~ comment
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
PTDelete -> do
Remove `class IsPerm` PR-URL: https://github.com/hasura/graphql-engine-mono/pull/4040 GitOrigin-RevId: 2f022bab90ab06486358fde25f68be8ec0092d27
2022-04-06 15:47:35 +03:00
assertPermDefined roleName PTDelete tableInfo
server, pro: actually reformat the code-base using ormolu This commit applies ormolu to the whole Haskell code base by running `make format`. For in-flight branches, simply merging changes from `main` will result in merge conflicts. To avoid this, update your branch using the following instructions. Replace `<format-commit>` by the hash of *this* commit. $ git checkout my-feature-branch $ git merge <format-commit>^ # and resolve conflicts normally $ make format $ git commit -a -m "reformat with ormolu" $ git merge -s ours post-ormolu https://github.com/hasura/graphql-engine-mono/pull/2404 GitOrigin-RevId: 75049f5c12f430c615eafb4c6b8e83e371e01c8e
2021-09-24 01:56:37 +03:00
pure $ tmDeletePermissions . ix roleName . pdComment .~ comment
let metadataObject =
MOSourceObjId source $
AB.mkAnyBackend $
SMOTableObj @b table $
MTOPerm roleName permType
buildSchemaCacheFor metadataObject $
MetadataModifier $
tableMetadataSetter @b source table %~ permModifier
server: support separate metadata database and server code setup for multi sources (#197) This is an incremental PR towards https://github.com/hasura/graphql-engine/pull/5797 Co-authored-by: Anon Ray <ecthiender@users.noreply.github.com> GitOrigin-RevId: a6cb8c239b2ff840a0095e78845f682af0e588a9
2020-12-28 15:56:00 +03:00
pure successMsg
Reference in New Issue Copy Permalink