hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-14 17:02:49 +03:00
Code Issues Projects Releases Wiki Activity

Migrate InsertCheckPermissionSpec to the new structure

Browse Source 
PR-URL: https://github.com/hasura/graphql-engine-mono/pull/5363
GitOrigin-RevId: 6de7600f7d9e6a04a10290d85bb83bb564352772
This commit is contained in:
Tom Harding 2022-08-15 19:09:06 +01:00 committed by hasura-bot
parent f4df7f0162
commit a54cbc17c3
5 changed files with 536 additions and 496 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
server/graphql-engine.cabal
View File

@ -1250,7 +1250,6 @@ test-suite tests-hspec
Test.EventTrigger.EventTriggersRunSQLSpec
Test.EventTrigger.EventTriggersExtensionSchemaSpec
Test.HelloWorldSpec
Test.InsertCheckPermissionSpec
Test.InsertDefaultsSpec
Test.InsertOnConflictSpec
Test.LongIdentifiersSpec
@ -1283,10 +1282,11 @@ test-suite tests-hspec
Test.RemoteRelationship.XToDBObjectRelationshipSpec
Test.RemoteRelationship.XToRemoteSchemaRelationshipSpec
Test.RunSQLSpec
Test.Schema.DataValidation.Permissions.SelectSpec
Test.Schema.DataValidation.Permissions.InsertSpec
Test.Schema.CustomFieldNames.MutationSpec
Test.Schema.CustomFieldNames.QuerySpec
Test.SQLServer.InsertVarcharColumnSpec
Test.Schema.DataValidation.PermissionSpec
Test.Schema.DefaultValuesSpec
Test.Schema.EnumSpec
Test.Schema.TableRelationships.ArrayRelationshipsSpec

258
server/tests-hspec/Test/InsertCheckPermissionSpec.hs
View File

@ -1,258 +0,0 @@
{-# LANGUAGE QuasiQuotes #-}
-- | Test insert check permissions
module Test.InsertCheckPermissionSpec (spec) where
import Data.List.NonEmpty qualified as NE
import Harness.Backend.Sqlserver qualified as Sqlserver
import Harness.Exceptions
import Harness.GraphqlEngine qualified as GraphqlEngine
import Harness.Quoter.Graphql (graphql)
import Harness.Quoter.Yaml (yaml)
import Harness.Test.Fixture qualified as Fixture
import Harness.Test.Schema (Table (..), table)
import Harness.Test.Schema qualified as Schema
import Harness.TestEnvironment (TestEnvironment)
import Harness.Yaml (shouldReturnYaml)
import Hasura.Prelude
import Test.Hspec (SpecWith, it)
--------------------------------------------------------------------------------
-- ** Preamble
spec :: SpecWith TestEnvironment
spec =
Fixture.run
( NE.fromList
[ (Fixture.fixture $ Fixture.Backend Fixture.SQLServer)
{ Fixture.setupTeardown = \(testEnv, _) ->
[mssqlSetupTeardown testEnv]
}
]
)
tests
--------------------------------------------------------------------------------
-- ** Schema
schema :: [Schema.Table]
schema = [author, article]
author :: Schema.Table
author =
(table "author")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "name" Schema.TStr
],
tablePrimaryKey = ["id"],
tableData =
[ [Schema.VInt 1, Schema.VStr "Author 1"],
[Schema.VInt 2, Schema.VStr "Author 2"]
]
}
article :: Schema.Table
article =
(table "article")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "title" Schema.TStr,
Schema.columnNull "content" Schema.TStr,
Schema.column "author_id" Schema.TInt
],
tablePrimaryKey = ["id"],
tableReferences = [Schema.Reference "author_id" "author" "id"]
}
--------------------------------------------------------------------------------
-- ** Setup and teardown
mssqlSetupTeardown :: TestEnvironment -> Fixture.SetupAction
mssqlSetupTeardown testEnv =
Fixture.SetupAction
(mssqlSetup (testEnv, ()))
(const $ mssqlTeardown (testEnv, ()))
mssqlSetup :: (TestEnvironment, ()) -> IO ()
mssqlSetup (testEnvironment, ()) = do
Sqlserver.setup schema (testEnvironment, ())
-- also setup permissions
GraphqlEngine.postMetadata_ testEnvironment $
[yaml|
type: bulk
args:
- type: mssql_create_insert_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
permission:
check:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: mssql_create_select_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
permission:
filter:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: mssql_create_insert_permission
args:
source: mssql
table:
schema: hasura
name: author
role: user
permission:
check:
id: X-Hasura-User-Id
columns:
- id
- name
|]
mssqlTeardown :: (TestEnvironment, ()) -> IO ()
mssqlTeardown (testEnvironment, ()) = do
-- teardown permissions
let teardownPermissions =
GraphqlEngine.postMetadata_ testEnvironment $
[yaml|
type: bulk
args:
- type: mssql_drop_insert_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
- type: mssql_drop_select_permission
args:
source: mssql
table:
schema: hasura
name: article
role: user
- type: mssql_drop_insert_permission
args:
source: mssql
table:
schema: hasura
name: author
role: user
|]
finally
teardownPermissions
-- and then rest of the teardown
(Sqlserver.teardown schema (testEnvironment, ()))
--------------------------------------------------------------------------------
-- * Tests
tests :: Fixture.Options -> SpecWith TestEnvironment
tests opts = do
let userHeaders = [("X-Hasura-Role", "user"), ("X-Hasura-User-Id", "2")]
it "Insert article with mismatching author_id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_article(
objects:[{id: 1, title: "Author 1 article", author_id: 1}]
){
affected_rows
}
}
|]
)
[yaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]
it "Insert article with matching author_id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_article(
objects:[{id: 1, title: "Author 2 article", author_id: 2}]
){
affected_rows
returning {
id
title
content
author_id
}
}
}
|]
)
[yaml|
data:
insert_hasura_article:
returning:
- author_id: 2
content: null
id: 1
title: Author 2 article
affected_rows: 1
|]
it "Insert author with mismatching id and X-Hasura-User-Id" $ \testEnvironment ->
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
mutation {
insert_hasura_author(
objects: [{id: 3, name: "Author 3"}]
){
affected_rows
}
}
|]
)
[yaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]

236
server/tests-hspec/Test/Schema/DataValidation/PermissionSpec.hs
View File

@ -1,236 +0,0 @@
{-# LANGUAGE QuasiQuotes #-}
-- | Test select permissions
module Test.Schema.DataValidation.PermissionSpec (spec) where
import Data.List.NonEmpty qualified as NE
import Harness.Backend.BigQuery qualified as BigQuery
import Harness.GraphqlEngine qualified as GraphqlEngine
import Harness.Quoter.Graphql (graphql)
import Harness.Quoter.Yaml (interpolateYaml, yaml)
import Harness.Test.Fixture qualified as Fixture
import Harness.Test.Schema (Table (..), table)
import Harness.Test.Schema qualified as Schema
import Harness.TestEnvironment (TestEnvironment)
import Harness.Yaml (shouldReturnYaml)
import Hasura.Prelude
import Test.Hspec (SpecWith, it)
--------------------------------------------------------------------------------
-- ** Preamble
spec :: SpecWith TestEnvironment
spec =
Fixture.run
( NE.fromList
[ (Fixture.fixture $ Fixture.Backend Fixture.BigQuery)
{ Fixture.setupTeardown = \(testEnv, _) ->
[ BigQuery.setupTablesAction schema testEnv
]
<> bigqueryPermissionsSetup testEnv
}
]
)
tests
--------------------------------------------------------------------------------
-- ** Schema
schema :: [Schema.Table]
schema = [author, article]
author :: Schema.Table
author =
(table "author")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "name" Schema.TStr
],
tablePrimaryKey = ["id"],
tableData =
[ [Schema.VInt 1, Schema.VStr "Author 1"],
[Schema.VInt 2, Schema.VStr "Author 2"]
]
}
article :: Schema.Table
article =
(table "article")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "title" Schema.TStr,
Schema.columnNull "content" Schema.TStr,
Schema.column "is_published" Schema.TBool,
Schema.column "author_id" Schema.TInt
],
tablePrimaryKey = ["id"],
tableReferences = [Schema.Reference "author_id" "author" "id"],
tableData =
[ [ Schema.VInt 1,
Schema.VStr "Article 1",
Schema.VStr "Sample article content 1",
Schema.VBool False,
Schema.VInt 1
],
[ Schema.VInt 2,
Schema.VStr "Article 2",
Schema.VStr "Sample article content 2",
Schema.VBool True,
Schema.VInt 2
]
]
}
--------------------------------------------------------------------------------
-- ** Setup and teardown
bigqueryPermissionsSetup :: TestEnvironment -> [Fixture.SetupAction]
bigqueryPermissionsSetup testEnvironment =
let schemaName = Schema.getSchemaName testEnvironment
in [ Fixture.SetupAction
{ setupAction =
GraphqlEngine.postMetadata_
testEnvironment
[yaml|
type: bigquery_create_select_permission
args:
source: bigquery
table:
dataset: *schemaName
name: article
role: author
permission:
filter:
author_id:
_eq: X-Hasura-User-Id
columns: '*'
|],
teardownAction = \_ ->
GraphqlEngine.postMetadata_
testEnvironment
[yaml|
type: bigquery_drop_select_permission
args:
table:
name: article
dataset: *schemaName
role: author
source: bigquery
|]
},
Fixture.SetupAction
{ setupAction =
GraphqlEngine.postMetadata_
testEnvironment
[yaml|
type: bigquery_create_select_permission
args:
source: bigquery
table:
dataset: *schemaName
name: article
role: user
permission:
filter:
is_published:
_eq: true
columns: '*'
|],
teardownAction = \_ ->
GraphqlEngine.postMetadata_
testEnvironment
[yaml|
type: bigquery_drop_select_permission
args:
table:
name: article
dataset: *schemaName
role: user
source: bigquery
|]
}
]
--------------------------------------------------------------------------------
-- * Tests
tests :: Fixture.Options -> SpecWith TestEnvironment
tests opts = do
it "Author role cannot select articles with mismatching author_id and X-Hasura-User-Id" $ \testEnvironment -> do
let userHeaders = [("X-Hasura-Role", "author"), ("X-Hasura-User-Id", "0")]
schemaName = Schema.getSchemaName testEnvironment
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
query {
#{schemaName}_article {
id
author_id
}
}
|]
)
[interpolateYaml|
data:
#{schemaName}_article: []
|]
it "Author role can select articles with matching author_id and X-Hasura-User-Id" $ \testEnvironment -> do
let userHeaders = [("X-Hasura-Role", "author"), ("X-Hasura-User-Id", "1")]
schemaName = Schema.getSchemaName testEnvironment
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
query {
#{schemaName}_article {
id
author_id
}
}
|]
)
[interpolateYaml|
data:
#{schemaName}_article:
- id: '1'
author_id: '1'
|]
it "User role can select published articles only" $ \testEnvironment -> do
let userHeaders = [("X-Hasura-Role", "user"), ("X-Hasura-User-Id", "2")]
schemaName = Schema.getSchemaName testEnvironment
shouldReturnYaml
opts
( GraphqlEngine.postGraphqlWithHeaders
testEnvironment
userHeaders
[graphql|
query {
#{schemaName}_article {
title
content
author_id
}
}
|]
)
[interpolateYaml|
data:
#{schemaName}_article:
- author_id: '2'
content: Sample article content 2
title: Article 2
|]

280
server/tests-hspec/Test/Schema/DataValidation/Permissions/InsertSpec.hs Normal file
View File

@ -0,0 +1,280 @@
{-# LANGUAGE QuasiQuotes #-}
-- | Test insert permissions
--
-- https://hasura.io/docs/latest/schema/bigquery/data-validations/#using-hasura-permissions
-- https://hasura.io/docs/latest/schema/postgres/data-validations/#using-hasura-permissions
module Test.Schema.DataValidation.Permissions.InsertSpec (spec) where
import Data.Aeson (Value)
import Data.List.NonEmpty qualified as NE
import Harness.Backend.Sqlserver qualified as Sqlserver
import Harness.GraphqlEngine (postGraphqlWithHeaders, postMetadata_)
import Harness.Quoter.Graphql (graphql)
import Harness.Quoter.Yaml (interpolateYaml)
import Harness.Test.Fixture qualified as Fixture
import Harness.Test.Schema (Table (..), table)
import Harness.Test.Schema qualified as Schema
import Harness.TestEnvironment (TestEnvironment)
import Harness.Yaml (shouldReturnYaml)
import Hasura.Prelude
import Test.Hspec (SpecWith, describe, it)
-- BigQuery should also work if we make a second version of the metadata with
-- "dataset" instead of "schema" as our key name.
spec :: SpecWith TestEnvironment
spec = do
Fixture.run
( NE.fromList
[ (Fixture.fixture $ Fixture.Backend Fixture.SQLServer)
{ Fixture.setupTeardown = \(testEnvironment, _) ->
[ Sqlserver.setupTablesAction schema testEnvironment,
setupMetadata Fixture.SQLServer testEnvironment
]
}
]
)
tests
--------------------------------------------------------------------------------
-- ** Schema
schema :: [Schema.Table]
schema =
[ (table "author")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "name" Schema.TStr
],
tablePrimaryKey = ["id"],
tableData =
[ [Schema.VInt 1, Schema.VStr "Author 1"],
[Schema.VInt 2, Schema.VStr "Author 2"]
]
},
(table "article")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "title" Schema.TStr,
Schema.columnNull "content" Schema.TStr,
Schema.column "author_id" Schema.TInt
],
tablePrimaryKey = ["id"],
tableReferences = [Schema.Reference "author_id" "author" "id"]
}
]
--------------------------------------------------------------------------------
-- Tests
tests :: Fixture.Options -> SpecWith TestEnvironment
tests opts = do
let shouldBe :: IO Value -> Value -> IO ()
shouldBe = shouldReturnYaml opts
describe "Permissions on mutations" do
it "Rejects insertions by authors on behalf of others" \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
let expected :: Value
expected =
[interpolateYaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "user"),
("X-Hasura-User-Id", "2")
]
[graphql|
mutation {
insert_#{schemaName}_article(objects: [
{ id: 1, title: "Author 1 article", author_id: 1 }
]) {
affected_rows
}
}
|]
actual `shouldBe` expected
it "Allows authors to insert their own articles" \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
expected :: Value
expected =
[interpolateYaml|
data:
insert_#{schemaName}_article:
returning:
- author_id: 2
content: null
id: 1
title: Author 2 article
affected_rows: 1
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "user"),
("X-Hasura-User-Id", "2")
]
[graphql|
mutation {
insert_#{schemaName}_article(objects: [
{ id: 1, title: "Author 2 article", author_id: 2 }
]) {
affected_rows
returning {
id
title
content
author_id
}
}
}
|]
actual `shouldBe` expected
it "Authors can't add other authors" $ \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
expected :: Value
expected =
[interpolateYaml|
errors:
- extensions:
path: "$"
code: permission-error
message: check constraint of an insert permission has failed
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "user"),
("X-Hasura-User-Id", "2")
]
[graphql|
mutation {
insert_#{schemaName}_author(objects: [
{ id: 3, name: "Author 3" }
]) {
affected_rows
}
}
|]
actual `shouldBe` expected
--------------------------------------------------------------------------------
-- Metadata
setupMetadata :: Fixture.BackendType -> TestEnvironment -> Fixture.SetupAction
setupMetadata backendType testEnvironment = do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
backend :: String
backend = Fixture.defaultSource backendType
setup :: IO ()
setup =
postMetadata_
testEnvironment
[interpolateYaml|
type: bulk
args:
- type: #{backend}_create_insert_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: article
role: user
permission:
check:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: #{backend}_create_select_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: article
role: user
permission:
filter:
author_by_author_id_to_id:
id: X-Hasura-User-Id
columns:
- id
- title
- content
- author_id
- type: #{backend}_create_insert_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: author
role: user
permission:
check:
id: X-Hasura-User-Id
columns:
- id
- name
|]
teardown :: IO ()
teardown =
postMetadata_
testEnvironment
[interpolateYaml|
type: bulk
args:
- type: #{backend}_drop_insert_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: article
role: user
- type: #{backend}_drop_select_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: article
role: user
- type: #{backend}_drop_insert_permission
args:
source: #{backend}
table:
schema: #{schemaName}
name: author
role: user
|]
Fixture.SetupAction setup \_ -> teardown

254
server/tests-hspec/Test/Schema/DataValidation/Permissions/SelectSpec.hs Normal file
View File

@ -0,0 +1,254 @@
{-# LANGUAGE QuasiQuotes #-}
-- | Test select permissions
--
-- https://hasura.io/docs/latest/schema/bigquery/data-validations/#using-hasura-permissions
-- https://hasura.io/docs/latest/schema/postgres/data-validations/#using-hasura-permissions
module Test.Schema.DataValidation.Permissions.SelectSpec (spec) where
import Data.Aeson (Value)
import Data.List.NonEmpty qualified as NE
import Harness.Backend.BigQuery qualified as BigQuery
import Harness.GraphqlEngine (postGraphqlWithHeaders, postMetadata_)
import Harness.Quoter.Graphql (graphql)
import Harness.Quoter.Yaml (interpolateYaml)
import Harness.Test.Fixture qualified as Fixture
import Harness.Test.Schema (Table (..), table)
import Harness.Test.Schema qualified as Schema
import Harness.TestEnvironment (TestEnvironment)
import Harness.Yaml (shouldReturnYaml)
import Hasura.Prelude
import Test.Hspec (SpecWith, describe, it)
spec :: SpecWith TestEnvironment
spec = do
Fixture.run
( NE.fromList
[ (Fixture.fixture $ Fixture.Backend Fixture.BigQuery)
{ Fixture.setupTeardown = \(testEnvironment, _) ->
[ BigQuery.setupTablesAction schema testEnvironment,
setupMetadata Fixture.BigQuery testEnvironment
],
Fixture.customOptions =
Just $
Fixture.Options
{ stringifyNumbers = True
}
}
]
)
tests
--------------------------------------------------------------------------------
-- Schema
schema :: [Schema.Table]
schema =
[ (table "author")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "name" Schema.TStr
],
tablePrimaryKey = ["id"],
tableData =
[ [Schema.VInt 1, Schema.VStr "Author 1"],
[Schema.VInt 2, Schema.VStr "Author 2"]
]
},
(table "article")
{ tableColumns =
[ Schema.column "id" Schema.TInt,
Schema.column "title" Schema.TStr,
Schema.columnNull "content" Schema.TStr,
Schema.column "is_published" Schema.TBool,
Schema.column "author_id" Schema.TInt
],
tablePrimaryKey = ["id"],
tableReferences = [Schema.Reference "author_id" "author" "id"],
tableData =
[ [ Schema.VInt 1,
Schema.VStr "Article 1",
Schema.VStr "Sample article content 1",
Schema.VBool False,
Schema.VInt 1
],
[ Schema.VInt 2,
Schema.VStr "Article 2",
Schema.VStr "Sample article content 2",
Schema.VBool True,
Schema.VInt 2
]
]
}
]
--------------------------------------------------------------------------------
-- Tests
tests :: Fixture.Options -> SpecWith TestEnvironment
tests opts = do
let shouldBe :: IO Value -> Value -> IO ()
shouldBe = shouldReturnYaml opts
describe "Permissions on queries" do
it "Authors can't select another author's articles" \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
expected :: Value
expected =
[interpolateYaml|
data:
#{schemaName}_article: []
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "author"),
("X-Hasura-User-Id", "0")
]
[graphql|
query {
#{schemaName}_article {
id
author_id
}
}
|]
actual `shouldBe` expected
it "Authors can select their own articles" \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
expected :: Value
expected =
[interpolateYaml|
data:
#{schemaName}_article:
- id: '1'
author_id: '1'
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "author"),
("X-Hasura-User-Id", "1")
]
[graphql|
query {
#{schemaName}_article {
id
author_id
}
}
|]
actual `shouldBe` expected
it "User role can select published articles only" $ \testEnvironment -> do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
expected :: Value
expected =
[interpolateYaml|
data:
#{schemaName}_article:
- author_id: '2'
content: Sample article content 2
title: Article 2
|]
actual :: IO Value
actual =
postGraphqlWithHeaders
testEnvironment
[ ("X-Hasura-Role", "user"),
("X-Hasura-User-Id", "2")
]
[graphql|
query {
#{schemaName}_article {
title
content
author_id
}
}
|]
actual `shouldBe` expected
--------------------------------------------------------------------------------
-- Metadata
setupMetadata :: Fixture.BackendType -> TestEnvironment -> Fixture.SetupAction
setupMetadata backendType testEnvironment = do
let schemaName :: Schema.SchemaName
schemaName = Schema.getSchemaName testEnvironment
backend :: String
backend = Fixture.defaultSource backendType
setup :: IO ()
setup =
postMetadata_
testEnvironment
[interpolateYaml|
type: bulk
args:
- type: #{backend}_create_select_permission
args:
source: #{backend}
table:
dataset: #{schemaName}
name: article
role: author
permission:
filter:
author_id:
_eq: X-Hasura-User-Id
columns: "*"
- type: #{backend}_create_select_permission
args:
source: #{backend}
table:
dataset: #{schemaName}
name: article
role: user
permission:
filter:
is_published:
_eq: true
columns: "*"
|]
teardown :: IO ()
teardown =
postMetadata_
testEnvironment
[interpolateYaml|
type: bulk
args:
- type: #{backend}_drop_select_permission
args:
source: #{backend}
table:
name: article
dataset: #{schemaName}
role: author
- type: #{backend}_drop_select_permission
args:
source: #{backend}
table:
name: article
dataset: #{schemaName}
role: user
|]
Fixture.SetupAction setup \_ -> teardown