hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-16 18:42:30 +03:00
Code Issues Projects Releases Wiki Activity
2152911e24
graphql-engine/server/src-lib/Hasura/RQL/DDL/InheritedRoles.hs
Antoine Leblanc 2152911e24 server: introduce Hasura.Base (take 2) 
GitOrigin-RevId: 0dd10f1ccd338b1cf382ebff59b6ee7f209d39a1
2021-05-11 15:19:33 +00:00

56 lines
1.9 KiB
Haskell
Raw Blame History

module Hasura.RQL.DDL.InheritedRoles
( runAddInheritedRole
, runDropInheritedRole
, dropInheritedRoleInMetadata
)
where
import Hasura.Prelude
import Data.Text.Extended
import qualified Data.HashMap.Strict.InsOrd as OMap
import Hasura.Base.Error
import Hasura.EncJSON
import Hasura.RQL.Types
import Hasura.Server.Types (ExperimentalFeature (..))
import Hasura.Session
runAddInheritedRole
:: ( MonadError QErr m
, CacheRWM m
, MetadataM m
, HasServerConfigCtx m
)
=> AddInheritedRole
-> m EncJSON
runAddInheritedRole addInheritedRoleQ@(AddInheritedRole inheritedRoleName roleSet) = do
experimentalFeatures <- _sccExperimentalFeatures <$> askServerConfigCtx
unless (EFInheritedRoles `elem` experimentalFeatures) $
throw400 ConstraintViolation $
"inherited role can only be added when inherited_roles enabled" <>
" in the experimental features"
when (inheritedRoleName `elem` roleSet) $
throw400 InvalidParams "an inherited role name cannot be in the role combination"
buildSchemaCacheFor (MOInheritedRole inheritedRoleName)
$ MetadataModifier
$ metaInheritedRoles %~ OMap.insert inheritedRoleName addInheritedRoleQ
pure successMsg
dropInheritedRoleInMetadata :: RoleName -> MetadataModifier
dropInheritedRoleInMetadata roleName =
MetadataModifier $ metaInheritedRoles %~ OMap.delete roleName
runDropInheritedRole
:: (MonadError QErr m, CacheRWM m, MetadataM m)
=> DropInheritedRole
-> m EncJSON
runDropInheritedRole (DropInheritedRole roleName) = do
inheritedRolesMetadata <- _metaInheritedRoles <$> getMetadata
unless (roleName `OMap.member` inheritedRolesMetadata) $
throw400 NotExists $ roleName <<> " inherited role doesn't exist"
buildSchemaCacheFor (MOInheritedRole roleName) (dropInheritedRoleInMetadata roleName)
pure successMsg
Reference in New Issue View Git Blame Copy Permalink