mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-15 01:12:56 +03:00
Extract RoleName from Hasura.Session, move it into Hasura.RQL.Types.Roles
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/8856 Co-authored-by: Daniel Harvey <4729125+danieljharvey@users.noreply.github.com> GitOrigin-RevId: 38ad67de9b3d765c4eb50943dd52b8fc32317540
This commit is contained in:
Tom Harding
hasura-bot
parent
9869e3fcf4
commit
1698f9dd91
@ -130,6 +130,7 @@ import Hasura.RQL.Types.Eventing.Backend
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Network
|
||||
import Hasura.RQL.Types.ResizePool
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RQL.Types.Source
|
||||
|
||||
@ -42,6 +42,7 @@ import Hasura.Prelude
|
||||
import Hasura.RQL.DDL.Schema.Cache.Config
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache (MetadataResourceVersion)
|
||||
import Hasura.Server.Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
@ -50,7 +51,6 @@ import Hasura.Server.Logging
|
||||
import Hasura.Server.Metrics
|
||||
import Hasura.Server.Prometheus
|
||||
import Hasura.Server.Types
|
||||
import Hasura.Session
|
||||
import Hasura.ShutdownLatch
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
import Network.HTTP.Client qualified as HTTP
|
||||
|
||||
@ -44,8 +44,9 @@ import Hasura.Base.Error
|
||||
import Hasura.EncJSON (EncJSON, encJFromJValue)
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.ResizePool
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.SQL.Types (ExtensionsSchema)
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariables, UserInfo (_uiRole, _uiSession), maybeRoleFromSessionVariables)
|
||||
import Kriti.Error qualified as Kriti
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
|
||||
@ -37,12 +37,12 @@ import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Metadata.Backend
|
||||
import Hasura.RQL.Types.Metadata.Instances ()
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.SQL.Tag
|
||||
import Hasura.Session
|
||||
|
||||
newtype TrackFunction b = TrackFunction {tfName :: FunctionName b}
|
||||
|
||||
|
||||
@ -73,8 +73,8 @@ import Hasura.Name qualified as Name
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Language.Haskell.TH.Syntax
|
||||
|
||||
|
||||
@ -51,6 +51,7 @@ import Hasura.RQL.Types.Action
|
||||
import Hasura.RQL.Types.Allowlist
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.Subscription
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
@ -59,7 +60,7 @@ import Hasura.Server.Init qualified as Init
|
||||
import Hasura.Server.Prometheus (PrometheusMetrics)
|
||||
import Hasura.Server.Types (ReadOnlyMode (..), RequestId (..))
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Hasura.Session (BackendOnlyFieldAccess (..), UserInfo (..))
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
@ -73,6 +73,7 @@ import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.ComputedField
|
||||
import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Eventing
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Server.Init.Config (OptionalInterval (..))
|
||||
@ -81,7 +82,7 @@ import Hasura.Server.Utils
|
||||
( mkClientHeadersForward,
|
||||
mkSetCookieHeaders,
|
||||
)
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariables, UserInfo, _uiRole, _uiSession)
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Client.Transformable qualified as HTTP
|
||||
|
||||
@ -127,8 +127,9 @@ import Database.PG.Query.PTI qualified as PTI
|
||||
import Hasura.Backends.Postgres.SQL.Value
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariable, SessionVariables, filterSessionVariables)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import PostgreSQL.Binary.Encoding qualified as PE
|
||||
|
||||
|
||||
@ -67,10 +67,10 @@ import Hasura.Logging qualified as L
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common (SourceName)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.Subscription (SubscriptionType)
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Server.Types (RequestId)
|
||||
import Hasura.Session
|
||||
import ListT qualified
|
||||
import StmContainers.Map qualified as STMMap
|
||||
|
||||
|
||||
@ -29,11 +29,11 @@ import Hasura.GraphQL.Transport.HTTP.Protocol
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common (SourceName)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.Subscription (SubscriptionType (..))
|
||||
import Hasura.SQL.Backend (BackendType (..), PostgresKind (Vanilla))
|
||||
import Hasura.SQL.Tag (backendTag, reify)
|
||||
import Hasura.Server.Prometheus (PrometheusMetrics (..), SubscriptionMetrics (..))
|
||||
import Hasura.Session
|
||||
import Refined (unrefine)
|
||||
import System.Metrics.Prometheus.Gauge qualified as Prometheus.Gauge
|
||||
|
||||
|
||||
@ -33,12 +33,12 @@ import Hasura.GraphQL.Transport.HTTP.Protocol
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common (SourceName)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.Subscription (SubscriptionType (..))
|
||||
import Hasura.SQL.Backend (BackendType (..), PostgresKind (Vanilla))
|
||||
import Hasura.SQL.Tag (backendTag, reify)
|
||||
import Hasura.SQL.Value (TxtEncodedVal (..))
|
||||
import Hasura.Server.Prometheus (PrometheusMetrics (..), SubscriptionMetrics (..))
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Refined (unrefine)
|
||||
import System.Metrics.Prometheus.Gauge qualified as Prometheus.Gauge
|
||||
|
||||
@ -33,9 +33,10 @@ import Hasura.Metadata.Class
|
||||
import Hasura.Prelude
|
||||
import Hasura.QueryTags
|
||||
import Hasura.RQL.IR
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkSessionVariablesText, mkUserInfo)
|
||||
import Hasura.Tracing (MonadTrace)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
@ -33,11 +33,12 @@ import Hasura.HTTP
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.DDL.Headers (makeHeadersFromConf)
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.RemoteSchema.SchemaCache.Types
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Services.Network
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserInfo, adminUserInfo, sessionVariablesToHeaders, _uiSession)
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
import Language.GraphQL.Draft.Parser qualified as G
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
@ -58,6 +58,7 @@ import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleNameSafe)
|
||||
import Hasura.RQL.Types.SchemaCache hiding (askTableInfo)
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.SourceCustomization as SC
|
||||
@ -67,7 +68,6 @@ import Hasura.RemoteSchema.SchemaCache
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Tag (HasTag)
|
||||
import Hasura.Server.Types
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
|
||||
@ -41,9 +41,9 @@ import Hasura.RQL.Types.Column
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
-- | actionExecute is used to execute either a query action or a synchronous
|
||||
|
||||
@ -84,12 +84,12 @@ import Hasura.RQL.IR.BoolExp
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache hiding (askTableInfo)
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.SourceCustomization
|
||||
import Hasura.RemoteSchema.SchemaCache.Types
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Session (RoleName, adminRoleName)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
-------------------------------------------------------------------------------
|
||||
|
||||
@ -24,6 +24,7 @@ import Hasura.RQL.IR qualified as IR
|
||||
import Hasura.RQL.Types.Common (FieldName, RelType (..), relNameToTxt)
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.ResultCustomization
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache hiding (askTableInfo)
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.SourceCustomization
|
||||
@ -31,7 +32,6 @@ import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.RemoteSchema.SchemaCache
|
||||
import Hasura.RemoteSchema.SchemaCache qualified as Remote
|
||||
import Hasura.SQL.AnyBackend
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
-- | Remote relationship field parsers
|
||||
|
||||
@ -81,13 +81,13 @@ import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Permission qualified as Permission
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache hiding (askTableInfo)
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.SourceCustomization
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Server.Utils (executeJSONPath)
|
||||
import Hasura.Session (RoleName, adminRoleName)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
@ -34,11 +34,11 @@ import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Column
|
||||
import Hasura.RQL.Types.ComputedField
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache hiding (askTableInfo)
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.SourceCustomization
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.Session (RoleName)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
-- | Helper function to get the table GraphQL name. A table may have a
|
||||
|
||||
@ -74,6 +74,7 @@ import Hasura.RQL.Types.Action
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.ResultCustomization
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RemoteSchema.SchemaCache
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
@ -90,7 +91,7 @@ import Hasura.Server.Prometheus
|
||||
import Hasura.Server.Telemetry.Counters qualified as Telem
|
||||
import Hasura.Server.Types (ReadOnlyMode (..), RequestId (..))
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariable, SessionVariableValue, SessionVariables, UserInfo (..), filterSessionVariables)
|
||||
import Hasura.Tracing (MonadTrace, TraceT, newSpan)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
@ -38,12 +38,12 @@ import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Metadata.Backend
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Permission (PermDef (_pdRole), SelPerm)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Server.Init.FeatureFlag (HasFeatureFlagChecker (..))
|
||||
import Hasura.Server.Init.FeatureFlag qualified as FF
|
||||
import Hasura.Session (RoleName)
|
||||
|
||||
-- | Default implementation of the 'track_logical_model' request payload.
|
||||
data TrackLogicalModel (b :: BackendType) = TrackLogicalModel
|
||||
|
||||
@ -25,8 +25,8 @@ import Hasura.Prelude hiding (first)
|
||||
import Hasura.RQL.Types.Backend (Backend (..))
|
||||
import Hasura.RQL.Types.Common (SourceName, ToAesonPairs (toAesonPairs), defaultSource)
|
||||
import Hasura.RQL.Types.Permission (SelPermDef, _pdRole)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.SQL.Backend (BackendType)
|
||||
import Hasura.Session (RoleName)
|
||||
|
||||
-- | Description of a logical model for use in metadata (before schema cache)
|
||||
data LogicalModelMetadata (b :: BackendType) = LogicalModelMetadata
|
||||
|
||||
@ -31,8 +31,8 @@ import Hasura.RQL.IR.Value qualified as IR
|
||||
import Hasura.RQL.Types.Backend (Backend)
|
||||
import Hasura.RQL.Types.Common (RelName)
|
||||
import Hasura.RQL.Types.Relationships.Local (RelInfo)
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.Table (SelPermInfo (..), _permSel)
|
||||
import Hasura.Session (RoleName, adminRoleName)
|
||||
|
||||
-- | find list of columns we're allowed to access for this role
|
||||
getSelPermInfoForLogicalModel ::
|
||||
|
||||
@ -42,11 +42,11 @@ import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.SQL.BackendMap (BackendMap)
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
getActionInfo ::
|
||||
|
||||
@ -19,7 +19,6 @@ import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Roles
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.Session
|
||||
|
||||
runAddInheritedRole ::
|
||||
( MonadError QErr m,
|
||||
|
||||
@ -54,13 +54,14 @@ import Hasura.RQL.Types.Metadata.Backend
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Types
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserInfoM)
|
||||
|
||||
{- Note [Backend only permissions]
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
@ -33,11 +33,11 @@ import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Metadata.Backend
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Session
|
||||
|
||||
-- | Intrepet a 'PermColSpec' column specification, which can either refer to a
|
||||
-- list of named columns or all columns.
|
||||
|
||||
@ -80,7 +80,6 @@ import Hasura.SQL.Backend
|
||||
import Hasura.SQL.BackendMap (BackendMap)
|
||||
import Hasura.SQL.BackendMap qualified as BackendMap
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Network.HTTP.Client.Transformable qualified as HTTP
|
||||
|
||||
newtype BackendInvalidationKeysWrapper (b :: BackendType) = BackendInvalidationKeysWrapper
|
||||
|
||||
@ -38,7 +38,6 @@ import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Session
|
||||
|
||||
{- Note: [Inherited roles architecture for read queries]
|
||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||
|
||||
@ -28,13 +28,13 @@ import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Relationships.ToSource
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
data RenameItem (b :: BackendType) a = RenameItem
|
||||
|
||||
@ -51,11 +51,12 @@ import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.ComputedField
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.Table
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.SQL.Types
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariable, UserInfoM, askCurRole, askUserInfo, getSessionVariables, sessionVariableToText, _uiSession)
|
||||
|
||||
newtype DMLP1T m a = DMLP1T {unDMLP1T :: StateT (DS.Seq PG.PrepArg) m a}
|
||||
deriving
|
||||
|
||||
@ -77,7 +77,8 @@ import Hasura.RQL.DDL.Webhook.Transform (MetadataResponseTransform, RequestTrans
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Eventing (EventId (..))
|
||||
import Hasura.Session
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.Session (SessionVariables)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
import PostgreSQL.Binary.Encoding qualified as PE
|
||||
|
||||
@ -31,7 +31,7 @@ import Hasura.GraphQL.Parser.Name qualified as GName
|
||||
import Hasura.Metadata.DTO.Utils (discriminatorBoolField)
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.QueryCollection
|
||||
import Hasura.Session (RoleName)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
newtype DropCollectionFromAllowlist = DropCollectionFromAllowlist
|
||||
|
||||
@ -38,8 +38,8 @@ import Data.Text qualified as T
|
||||
import Data.Text.Extended (ToTxt (..))
|
||||
import Data.Typeable (Typeable)
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.Server.Utils (isSessionVariable)
|
||||
import Hasura.Session (RoleName)
|
||||
|
||||
data ApiLimit = ApiLimit
|
||||
{ _alRateLimit :: Maybe RateLimit,
|
||||
|
||||
@ -10,7 +10,7 @@ import Autodocodec.Extended (hashSetCodec)
|
||||
import Data.Aeson.TH
|
||||
import Data.HashSet qualified as Set
|
||||
import Hasura.Prelude
|
||||
import Hasura.Session
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
|
||||
newtype SetGraphqlIntrospectionOptions = SetGraphqlIntrospectionOptions {_idrDisabledForRoles :: (Set.HashSet RoleName)}
|
||||
deriving (Show, Eq, Generic, Semigroup, Monoid)
|
||||
|
||||
@ -77,12 +77,12 @@ import Hasura.RQL.Types.Metadata.Serialization
|
||||
import Hasura.RQL.Types.Network
|
||||
import Hasura.RQL.Types.OpenTelemetry
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.SQL.BackendMap (BackendMap)
|
||||
import Hasura.SQL.BackendMap qualified as BackendMap
|
||||
import Hasura.Session
|
||||
import Hasura.Tracing (TraceT)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
|
||||
@ -107,7 +107,6 @@ import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.SQL.Tag (BackendTag, HasTag (backendTag))
|
||||
import Hasura.Session
|
||||
|
||||
-- | Parse a list of objects into a map from a derived key,
|
||||
-- failing if the list has duplicates.
|
||||
|
||||
@ -58,9 +58,9 @@ import Hasura.RQL.Types.Instances ()
|
||||
import Hasura.RQL.Types.OpenTelemetry
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.QueryCollection (CollectionName, ListedQuery (_lqName))
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
data TableMetadataObjId
|
||||
|
||||
@ -48,8 +48,8 @@ import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Column
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.ComputedField
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import PostgreSQL.Binary.Decoding qualified as PD
|
||||
|
||||
data PermType
|
||||
|
||||
@ -5,6 +5,11 @@ module Hasura.RQL.Types.Roles
|
||||
InheritedRole,
|
||||
ParentRoles (..),
|
||||
Role (..),
|
||||
RoleName,
|
||||
mkRoleName,
|
||||
mkRoleNameSafe,
|
||||
adminRoleName,
|
||||
roleNameToTxt,
|
||||
)
|
||||
where
|
||||
|
||||
@ -14,8 +19,44 @@ import Autodocodec.Extended (hashSetCodec)
|
||||
import Data.Aeson
|
||||
import Data.Aeson.Casing
|
||||
import Data.Aeson.TH
|
||||
import Data.Text.Extended (ToTxt (toTxt))
|
||||
import Data.Text.NonEmpty (NonEmptyText, mkNonEmptyText, mkNonEmptyTextUnsafe, nonEmptyTextCodec, unNonEmptyText)
|
||||
import Database.PG.Query qualified as PG
|
||||
import Hasura.Prelude
|
||||
import Hasura.Session
|
||||
|
||||
newtype RoleName = RoleName {getRoleTxt :: NonEmptyText}
|
||||
deriving
|
||||
( Show,
|
||||
Eq,
|
||||
Ord,
|
||||
Hashable,
|
||||
FromJSONKey,
|
||||
ToJSONKey,
|
||||
FromJSON,
|
||||
ToJSON,
|
||||
PG.FromCol,
|
||||
PG.ToPrepArg,
|
||||
Generic,
|
||||
NFData
|
||||
)
|
||||
|
||||
instance HasCodec RoleName where
|
||||
codec = dimapCodec RoleName getRoleTxt nonEmptyTextCodec
|
||||
|
||||
roleNameToTxt :: RoleName -> Text
|
||||
roleNameToTxt = unNonEmptyText . getRoleTxt
|
||||
|
||||
instance ToTxt RoleName where
|
||||
toTxt = roleNameToTxt
|
||||
|
||||
mkRoleName :: Text -> Maybe RoleName
|
||||
mkRoleName = fmap RoleName . mkNonEmptyText
|
||||
|
||||
mkRoleNameSafe :: NonEmptyText -> RoleName
|
||||
mkRoleNameSafe = RoleName
|
||||
|
||||
adminRoleName :: RoleName
|
||||
adminRoleName = RoleName $ mkNonEmptyTextUnsafe "admin"
|
||||
|
||||
newtype ParentRoles = ParentRoles {_unParentRoles :: HashSet RoleName}
|
||||
deriving (Show, Eq, ToJSON, FromJSON, Generic)
|
||||
|
||||
@ -150,6 +150,7 @@ import Hasura.RQL.Types.OpenTelemetry (OpenTelemetryInfo)
|
||||
import Hasura.RQL.Types.QueryCollection
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.ScheduledTrigger
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
import Hasura.RQL.Types.Source
|
||||
@ -161,7 +162,7 @@ import Hasura.SQL.Backend
|
||||
import Hasura.SQL.BackendMap (BackendMap)
|
||||
import Hasura.SQL.BackendMap qualified as BackendMap
|
||||
import Hasura.SQL.Tag (HasTag (backendTag), reify)
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserInfoM)
|
||||
import Hasura.Tracing (TraceT)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import System.Cron.Types
|
||||
|
||||
@ -41,10 +41,10 @@ import Hasura.RQL.Types.EventTrigger
|
||||
import Hasura.RQL.Types.Instances ()
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Permission
|
||||
import Hasura.RQL.Types.Roles (RoleName, roleNameToTxt)
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.SQL.AnyBackend qualified as AB
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
data TableObjId (b :: BackendType)
|
||||
|
||||
@ -140,10 +140,10 @@ import Hasura.RQL.Types.EventTrigger
|
||||
import Hasura.RQL.Types.Permission (AllowedRootFields (..), QueryRootFieldType (..), SubscriptionRootFieldType (..))
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Relationships.Remote
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.SQL.AnyBackend (runBackend)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Server.Utils (englishList)
|
||||
import Hasura.Session
|
||||
import Language.GraphQL.Draft.Parser qualified as GParse
|
||||
import Language.GraphQL.Draft.Printer qualified as GPrint
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
@ -11,7 +11,7 @@ import Autodocodec.Extended (graphQLSchemaDocumentCodec)
|
||||
import Data.Aeson qualified as J
|
||||
import Data.Aeson.TH qualified as J
|
||||
import Hasura.Prelude
|
||||
import Hasura.Session
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Language.GraphQL.Draft.Printer qualified as G
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Text.Builder qualified as TB
|
||||
|
||||
@ -27,6 +27,7 @@ import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RQL.Types.SchemaCacheTypes
|
||||
@ -34,7 +35,7 @@ import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.RemoteSchema.SchemaCache.Build (addRemoteSchemaP2Setup)
|
||||
import Hasura.RemoteSchema.SchemaCache.Types
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserInfoM)
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
|
||||
-- | The payload for 'add_remote_schema', and a component of 'Metadata'.
|
||||
|
||||
@ -19,11 +19,11 @@ import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Metadata
|
||||
import Hasura.RQL.Types.Metadata.Object
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.SchemaCache.Build
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.RemoteSchema.SchemaCache.Permission
|
||||
import Hasura.Session
|
||||
|
||||
data AddRemoteSchemaPermission = AddRemoteSchemaPermission
|
||||
{ _arspRemoteSchema :: RemoteSchemaName,
|
||||
|
||||
@ -29,7 +29,6 @@ import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.RemoteSchema.SchemaCache.Permission (resolveRoleBasedRemoteSchema)
|
||||
import Hasura.RemoteSchema.SchemaCache.Types
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
|
||||
-- Resolves a user specified `RemoteSchemaMetadata` into information rich `RemoteSchemaCtx`
|
||||
|
||||
@ -49,11 +49,12 @@ import Hasura.GraphQL.Parser.Name qualified as GName
|
||||
import Hasura.Name qualified as Name
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Metadata.Instances ()
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RemoteSchema.Metadata (RemoteSchemaName)
|
||||
import Hasura.RemoteSchema.SchemaCache.Types
|
||||
import Hasura.Server.Utils (englishList, isSessionVariable)
|
||||
import Hasura.Session
|
||||
import Hasura.Session (mkSessionVariable)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
|
||||
data FieldDefinitionType
|
||||
|
||||
@ -65,8 +65,9 @@ import Hasura.GraphQL.Schema.Typename
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.DDL.Headers (HeaderConf (..))
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RemoteSchema.Metadata
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariable)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.URI.Extended qualified as N
|
||||
import Witherable (Filterable (..))
|
||||
|
||||
@ -75,6 +75,7 @@ import Hasura.RQL.DDL.EventTrigger (MonadEventLogCleanup)
|
||||
import Hasura.RQL.DDL.Schema
|
||||
import Hasura.RQL.DDL.Schema.Cache.Config
|
||||
import Hasura.RQL.Types.Endpoint as EP
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.SQL.Backend
|
||||
@ -102,7 +103,7 @@ import Hasura.Server.Types
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Server.Version
|
||||
import Hasura.Services
|
||||
import Hasura.Session
|
||||
import Hasura.Session (ExtraUserInfo (..), UserInfo (..), UserInfoM, askUserInfo)
|
||||
import Hasura.Tracing (MonadTrace)
|
||||
import Hasura.Tracing qualified as Tracing
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
@ -43,10 +43,11 @@ import Hasura.Base.Error
|
||||
import Hasura.GraphQL.Transport.HTTP.Protocol (ReqsText)
|
||||
import Hasura.Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.Server.Auth.JWT hiding (processJwt_)
|
||||
import Hasura.Server.Auth.WebHook
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Session
|
||||
import Hasura.Session (ExtraUserInfo, UserAdminSecret (..), UserInfo, UserRoleBuild (..), getSessionVariableValue, mkSessionVariablesHeaders, mkUserInfo)
|
||||
import Network.HTTP.Client qualified as HTTP
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
|
||||
@ -90,6 +90,7 @@ import Hasura.Base.Error
|
||||
import Hasura.HTTP
|
||||
import Hasura.Logging (Hasura, LogLevel (..), Logger (..))
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (RoleName, mkRoleName)
|
||||
import Hasura.Server.Auth.JWT.Internal (parseEdDSAKey, parseHmacKey, parseRsaKey)
|
||||
import Hasura.Server.Auth.JWT.Logging
|
||||
import Hasura.Server.Utils
|
||||
@ -98,7 +99,7 @@ import Hasura.Server.Utils
|
||||
isSessionVariable,
|
||||
userRoleHeader,
|
||||
)
|
||||
import Hasura.Session
|
||||
import Hasura.Session (SessionVariable, SessionVariableValue, UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkSessionVariable, mkSessionVariablesHeaders, mkSessionVariablesText, mkUserInfo, sessionVariableToText)
|
||||
import Network.HTTP.Client.Transformable qualified as HTTP
|
||||
import Network.HTTP.Types as N
|
||||
import Network.URI (URI)
|
||||
|
||||
@ -80,6 +80,8 @@ import Hasura.GraphQL.Schema.Options qualified as Options
|
||||
import Hasura.Logging qualified as Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Metadata (MetadataDefaults, emptyMetadataDefaults)
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.Roles qualified as Roles
|
||||
import Hasura.Server.Auth qualified as Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
import Hasura.Server.Init.Arg.PrettyPrinter qualified as PP
|
||||
@ -87,7 +89,6 @@ import Hasura.Server.Init.Config qualified as Config
|
||||
import Hasura.Server.Init.Env qualified as Env
|
||||
import Hasura.Server.Logging qualified as Server.Logging
|
||||
import Hasura.Server.Types qualified as Types
|
||||
import Hasura.Session qualified as Session
|
||||
import Network.Wai.Handler.Warp qualified as Warp
|
||||
import Network.WebSockets qualified as WebSockets
|
||||
import Options.Applicative qualified as Opt
|
||||
@ -434,7 +435,7 @@ jwtSecretOption =
|
||||
<> "`{\"type\": \"RS256\", \"key\": \"<your-PEM-RSA-public-key>\", \"claims_namespace\": \"<optional-custom-claims-key-name>\"}`"
|
||||
}
|
||||
|
||||
parseUnAuthRole :: Opt.Parser (Maybe Session.RoleName)
|
||||
parseUnAuthRole :: Opt.Parser (Maybe RoleName)
|
||||
parseUnAuthRole =
|
||||
fmap mkRoleName $
|
||||
Opt.optional $
|
||||
@ -444,7 +445,7 @@ parseUnAuthRole =
|
||||
<> Opt.help (Config._helpMessage unAuthRoleOption)
|
||||
)
|
||||
where
|
||||
mkRoleName mText = mText >>= Session.mkRoleName
|
||||
mkRoleName mText = mText >>= Roles.mkRoleName
|
||||
|
||||
unAuthRoleOption :: Config.Option ()
|
||||
unAuthRoleOption =
|
||||
|
||||
@ -94,11 +94,11 @@ import Hasura.Logging qualified as Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Common qualified as Common
|
||||
import Hasura.RQL.Types.Metadata (MetadataDefaults)
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName)
|
||||
import Hasura.Server.Auth qualified as Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
import Hasura.Server.Logging qualified as Server.Logging
|
||||
import Hasura.Server.Types qualified as Server.Types
|
||||
import Hasura.Session qualified as Session
|
||||
import Network.Wai.Handler.Warp qualified as Warp
|
||||
import Network.WebSockets qualified as WebSockets
|
||||
import Refined (NonNegative, Positive, Refined, unrefine)
|
||||
@ -281,7 +281,7 @@ data ServeOptionsRaw impl = ServeOptionsRaw
|
||||
rsoAdminSecret :: Maybe Auth.AdminSecretHash,
|
||||
rsoAuthHook :: AuthHookRaw,
|
||||
rsoJwtSecret :: Maybe Auth.JWTConfig,
|
||||
rsoUnAuthRole :: Maybe Session.RoleName,
|
||||
rsoUnAuthRole :: Maybe RoleName,
|
||||
rsoCorsConfig :: Maybe Cors.CorsConfig,
|
||||
rsoConsoleStatus :: ConsoleStatus,
|
||||
rsoConsoleAssetsDir :: Maybe Text,
|
||||
@ -581,7 +581,7 @@ data ServeOptions impl = ServeOptions
|
||||
soAdminSecret :: HashSet Auth.AdminSecretHash,
|
||||
soAuthHook :: Maybe Auth.AuthHook,
|
||||
soJwtSecret :: [Auth.JWTConfig],
|
||||
soUnAuthRole :: Maybe Session.RoleName,
|
||||
soUnAuthRole :: Maybe RoleName,
|
||||
soCorsConfig :: Cors.CorsConfig,
|
||||
soConsoleStatus :: ConsoleStatus,
|
||||
soConsoleAssetsDir :: Maybe Text,
|
||||
@ -632,10 +632,10 @@ data ResponseInternalErrorsConfig
|
||||
| InternalErrorsDisabled
|
||||
deriving (Show, Eq)
|
||||
|
||||
shouldIncludeInternal :: Session.RoleName -> ResponseInternalErrorsConfig -> Bool
|
||||
shouldIncludeInternal :: RoleName -> ResponseInternalErrorsConfig -> Bool
|
||||
shouldIncludeInternal role = \case
|
||||
InternalErrorsAllRequests -> True
|
||||
InternalErrorsAdminOnly -> role == Session.adminRoleName
|
||||
InternalErrorsAdminOnly -> role == adminRoleName
|
||||
InternalErrorsDisabled -> False
|
||||
|
||||
--------------------------------------------------------------------------------
|
||||
|
||||
@ -40,13 +40,13 @@ import Hasura.GraphQL.Schema.Options qualified as Options
|
||||
import Hasura.Logging qualified as Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Metadata (Metadata, MetadataDefaults (..))
|
||||
import Hasura.RQL.Types.Roles (RoleName, mkRoleName)
|
||||
import Hasura.Server.Auth qualified as Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
import Hasura.Server.Init.Config qualified as Config
|
||||
import Hasura.Server.Logging qualified as Server.Logging
|
||||
import Hasura.Server.Types qualified as Server.Types
|
||||
import Hasura.Server.Utils qualified as Utils
|
||||
import Hasura.Session qualified as Session
|
||||
import Network.Wai.Handler.Warp qualified as Warp
|
||||
import Refined (NonNegative, Positive, Refined, refineFail, unrefine)
|
||||
|
||||
@ -200,9 +200,9 @@ instance FromEnv Integer where
|
||||
instance FromEnv Auth.AdminSecretHash where
|
||||
fromEnv = Right . Auth.hashAdminSecret . Text.pack
|
||||
|
||||
instance FromEnv Session.RoleName where
|
||||
instance FromEnv RoleName where
|
||||
fromEnv string =
|
||||
case Session.mkRoleName (Text.pack string) of
|
||||
case mkRoleName (Text.pack string) of
|
||||
Nothing -> Left "empty string not allowed"
|
||||
Just roleName -> Right roleName
|
||||
|
||||
|
||||
@ -48,6 +48,7 @@ import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.CustomTypes
|
||||
import Hasura.RQL.Types.Metadata.Instances ()
|
||||
import Hasura.RQL.Types.Relationships.Local
|
||||
import Hasura.RQL.Types.Roles (RoleName)
|
||||
import Hasura.RQL.Types.SchemaCache
|
||||
import Hasura.RQL.Types.Source
|
||||
import Hasura.RQL.Types.Table
|
||||
@ -60,7 +61,6 @@ import Hasura.Server.Telemetry.Counters (dumpServiceTimingMetrics)
|
||||
import Hasura.Server.Telemetry.Types
|
||||
import Hasura.Server.Types
|
||||
import Hasura.Server.Version
|
||||
import Hasura.Session
|
||||
import Network.HTTP.Client qualified as HTTP
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
import Network.Wreq qualified as Wreq
|
||||
|
||||
@ -1,12 +1,7 @@
|
||||
{-# LANGUAGE TemplateHaskell #-}
|
||||
|
||||
module Hasura.Session
|
||||
( RoleName,
|
||||
mkRoleName,
|
||||
mkRoleNameSafe,
|
||||
adminRoleName,
|
||||
roleNameToTxt,
|
||||
SessionVariable,
|
||||
( SessionVariable,
|
||||
mkSessionVariable,
|
||||
SessionVariables,
|
||||
filterSessionVariables,
|
||||
@ -32,7 +27,6 @@ module Hasura.Session
|
||||
)
|
||||
where
|
||||
|
||||
import Autodocodec (HasCodec (codec), dimapCodec)
|
||||
import Data.Aeson
|
||||
import Data.Aeson.TH qualified as J
|
||||
import Data.Aeson.Types (Parser, toJSONKeyText)
|
||||
@ -41,49 +35,14 @@ import Data.HashMap.Strict qualified as Map
|
||||
import Data.HashSet qualified as Set
|
||||
import Data.Text qualified as T
|
||||
import Data.Text.Extended
|
||||
import Data.Text.NonEmpty
|
||||
import Database.PG.Query qualified as PG
|
||||
import Hasura.Base.Error
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleName, roleNameToTxt)
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Tracing (TraceT)
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
|
||||
newtype RoleName = RoleName {getRoleTxt :: NonEmptyText}
|
||||
deriving
|
||||
( Show,
|
||||
Eq,
|
||||
Ord,
|
||||
Hashable,
|
||||
FromJSONKey,
|
||||
ToJSONKey,
|
||||
FromJSON,
|
||||
ToJSON,
|
||||
PG.FromCol,
|
||||
PG.ToPrepArg,
|
||||
Generic,
|
||||
NFData
|
||||
)
|
||||
|
||||
instance HasCodec RoleName where
|
||||
codec = dimapCodec RoleName getRoleTxt nonEmptyTextCodec
|
||||
|
||||
roleNameToTxt :: RoleName -> Text
|
||||
roleNameToTxt = unNonEmptyText . getRoleTxt
|
||||
|
||||
instance ToTxt RoleName where
|
||||
toTxt = roleNameToTxt
|
||||
|
||||
mkRoleName :: Text -> Maybe RoleName
|
||||
mkRoleName = fmap RoleName . mkNonEmptyText
|
||||
|
||||
mkRoleNameSafe :: NonEmptyText -> RoleName
|
||||
mkRoleNameSafe = RoleName
|
||||
|
||||
adminRoleName :: RoleName
|
||||
adminRoleName = RoleName $ mkNonEmptyTextUnsafe "admin"
|
||||
|
||||
newtype SessionVariable = SessionVariable {unSessionVariable :: CI.CI Text}
|
||||
deriving (Show, Eq, Hashable, IsString, Data, NFData, Ord)
|
||||
|
||||
|
||||
@ -22,12 +22,12 @@ import Hasura.Base.Error.TestInstances ()
|
||||
import Hasura.GraphQL.Parser.Variable (VariableInfo (..))
|
||||
import Hasura.RQL.IR.Value (Provenance (..), UnpreparedValue (..))
|
||||
import Hasura.RQL.Types.Column (ColumnType (..), ColumnValue (..))
|
||||
import Hasura.RQL.Types.Roles (mkRoleNameSafe)
|
||||
import Hasura.SQL.Backend (BackendType (..), PostgresKind (..))
|
||||
import Hasura.SQL.Types (CollectableType (..))
|
||||
import Hasura.Session
|
||||
( BackendOnlyFieldAccess (..),
|
||||
UserInfo (..),
|
||||
mkRoleNameSafe,
|
||||
mkSessionVariablesText,
|
||||
)
|
||||
import Language.GraphQL.Draft.Syntax.QQ qualified as G
|
||||
|
||||
@ -31,8 +31,9 @@ import Hasura.RQL.IR.RemoteSchema
|
||||
import Hasura.RQL.IR.Root
|
||||
import Hasura.RQL.IR.Value
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RemoteSchema.SchemaCache
|
||||
import Hasura.Session
|
||||
import Hasura.Session (BackendOnlyFieldAccess (..), SessionVariables, UserInfo (..), mkSessionVariable)
|
||||
import Language.GraphQL.Draft.Parser qualified as G
|
||||
import Language.GraphQL.Draft.Syntax qualified as G
|
||||
import Language.GraphQL.Draft.Syntax.QQ qualified as G
|
||||
|
||||
@ -7,7 +7,6 @@ import Hasura.RQL.DDL.Schema.Cache
|
||||
import Hasura.RQL.DDL.Schema.Cache.Permission
|
||||
import Hasura.RQL.Types.Action
|
||||
import Hasura.RQL.Types.Roles
|
||||
import Hasura.Session
|
||||
import Test.Hspec
|
||||
|
||||
spec :: Spec
|
||||
|
||||
@ -15,7 +15,7 @@ import Data.Text.NonEmpty (mkNonEmptyTextUnsafe)
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Allowlist
|
||||
import Hasura.RQL.Types.QueryCollection
|
||||
import Hasura.Session (mkRoleName)
|
||||
import Hasura.RQL.Types.Roles (mkRoleName)
|
||||
import Test.Hspec
|
||||
|
||||
spec :: Spec
|
||||
|
||||
@ -18,10 +18,11 @@ import Hasura.Base.Error
|
||||
import Hasura.GraphQL.Transport.HTTP.Protocol (ReqsText)
|
||||
import Hasura.Logging (Logger (..))
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleName)
|
||||
import Hasura.Server.Auth hiding (getUserInfoWithExpTime, processJwt)
|
||||
import Hasura.Server.Auth.JWT hiding (processJwt)
|
||||
import Hasura.Server.Utils
|
||||
import Hasura.Session
|
||||
import Hasura.Session (UserAdminSecret (..), UserInfo (..), UserRoleBuild (..), mkSessionVariable, mkSessionVariablesHeaders, mkUserInfo, sessionVariableToText)
|
||||
import Network.HTTP.Client qualified as HTTP
|
||||
import Network.HTTP.Types qualified as HTTP
|
||||
import Test.Hspec
|
||||
|
||||
@ -20,13 +20,13 @@ import Hasura.GraphQL.Schema.Options qualified as Options
|
||||
import Hasura.Logging qualified as Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Metadata (Metadata, MetadataDefaults (..), overrideMetadataDefaults, _metaBackendConfigs)
|
||||
import Hasura.RQL.Types.Roles qualified as Roles
|
||||
import Hasura.SQL.BackendMap qualified as BackendMap
|
||||
import Hasura.Server.Auth qualified as Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
import Hasura.Server.Init qualified as UUT
|
||||
import Hasura.Server.Logging qualified as Logging
|
||||
import Hasura.Server.Types qualified as Types
|
||||
import Hasura.Session qualified as Session
|
||||
import Network.WebSockets qualified as WS
|
||||
import Options.Applicative qualified as Opt
|
||||
import Refined (NonNegative, Positive, refineTH)
|
||||
@ -719,7 +719,7 @@ serveParserSpec =
|
||||
result = Opt.execParserPure Opt.defaultPrefs parserInfo argInput
|
||||
|
||||
fmap UUT.rsoUnAuthRole result `Hspec.shouldSatisfy` \case
|
||||
Opt.Success unAuthRole -> fmap Session.roleNameToTxt unAuthRole == Just "guest"
|
||||
Opt.Success unAuthRole -> fmap Roles.roleNameToTxt unAuthRole == Just "guest"
|
||||
Opt.Failure _pf -> False
|
||||
Opt.CompletionInvoked _cr -> False
|
||||
|
||||
|
||||
@ -16,13 +16,13 @@ import Hasura.GraphQL.Schema.Options qualified as Options
|
||||
import Hasura.Logging (Hasura)
|
||||
import Hasura.Logging qualified as Logging
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles qualified as Roles
|
||||
import Hasura.SQL.Types qualified as MonadTx
|
||||
import Hasura.Server.Auth qualified as Auth
|
||||
import Hasura.Server.Cors qualified as Cors
|
||||
import Hasura.Server.Init qualified as UUT
|
||||
import Hasura.Server.Logging qualified as Logging
|
||||
import Hasura.Server.Types qualified as Types
|
||||
import Hasura.Session qualified as UUT
|
||||
import Network.WebSockets qualified as WS
|
||||
import Refined (NonNegative, Positive, refineTH, unrefine)
|
||||
import Test.Hspec qualified as Hspec
|
||||
@ -377,17 +377,17 @@ mkServeOptionsSpec =
|
||||
-- Then
|
||||
result = UUT.runWithEnv env (UUT.mkServeOptions @Hasura rawServeOptions)
|
||||
|
||||
fmap UUT.soUnAuthRole result `Hspec.shouldBe` Right (UUT.mkRoleName "guest")
|
||||
fmap UUT.soUnAuthRole result `Hspec.shouldBe` Right (Roles.mkRoleName "guest")
|
||||
|
||||
Hspec.it "Arg > Env" $ do
|
||||
let -- Given
|
||||
rawServeOptions = emptyServeOptionsRaw {UUT.rsoUnAuthRole = UUT.mkRoleName "visitor"}
|
||||
rawServeOptions = emptyServeOptionsRaw {UUT.rsoUnAuthRole = Roles.mkRoleName "visitor"}
|
||||
-- When
|
||||
env = [(UUT._envVar UUT.unAuthRoleOption, "guest")]
|
||||
-- Then
|
||||
result = UUT.runWithEnv env (UUT.mkServeOptions @Hasura rawServeOptions)
|
||||
|
||||
fmap UUT.soUnAuthRole result `Hspec.shouldBe` Right (UUT.mkRoleName "visitor")
|
||||
fmap UUT.soUnAuthRole result `Hspec.shouldBe` Right (Roles.mkRoleName "visitor")
|
||||
|
||||
Hspec.describe "soCorsConfig" $ do
|
||||
Hspec.it "Env > Nothing" $ do
|
||||
|
||||
@ -26,11 +26,11 @@ import Hasura.GraphQL.Schema.Options (SchemaOptions (..))
|
||||
import Hasura.GraphQL.Schema.Options qualified as Options
|
||||
import Hasura.GraphQL.Schema.Typename
|
||||
import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Roles (adminRoleName)
|
||||
import Hasura.RQL.Types.Source (SourceInfo)
|
||||
import Hasura.RQL.Types.SourceCustomization (MkRootFieldName)
|
||||
import Hasura.RemoteSchema.SchemaCache (CustomizeRemoteFieldName)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Session (adminRoleName)
|
||||
import Language.Haskell.TH.Syntax qualified as TH
|
||||
import Test.HUnit.Lang (assertFailure)
|
||||
|
||||
|
||||
@ -37,12 +37,12 @@ import Hasura.Prelude
|
||||
import Hasura.RQL.Types.Backend
|
||||
import Hasura.RQL.Types.Common
|
||||
import Hasura.RQL.Types.ResizePool (ResizePoolStrategy (..))
|
||||
import Hasura.RQL.Types.Roles (RoleName, mkRoleName)
|
||||
import Hasura.SQL.Backend
|
||||
import Hasura.Server.Init (considerEnv, databaseUrlOption, runWithEnv, _envVar)
|
||||
import Hasura.Server.Metrics (createServerMetrics)
|
||||
import Hasura.Server.Prometheus (makeDummyPrometheusMetrics)
|
||||
import Hasura.Server.Types (RequestId (..))
|
||||
import Hasura.Session (RoleName, mkRoleName)
|
||||
import Language.GraphQL.Draft.Syntax.QQ qualified as G
|
||||
import ListT qualified
|
||||
import StmContainers.Map qualified as STMMap
|
||||
|
||||
Loading…
Reference in New Issue
Block a user