mirror of
https://github.com/hasura/graphql-engine.git
synced 2024-12-21 06:21:39 +03:00
5283eebf75
GitOrigin-RevId: 34dd9f648ca1e268274b6244c48c9e9710c4477d
616 lines
12 KiB
YAML
616 lines
12 KiB
YAML
type: bulk
|
|
args:
|
|
|
|
#Author table
|
|
|
|
|
|
|
|
# Tables to test '_exist' field
|
|
|
|
|
|
|
|
# a sales role can only update the leads added by them
|
|
|
|
- type: run_sql
|
|
args:
|
|
sql: |
|
|
create table author(
|
|
id serial primary key,
|
|
name text unique,
|
|
bio text,
|
|
is_registered boolean not null default false
|
|
);
|
|
CREATE TABLE article (
|
|
id SERIAL PRIMARY KEY,
|
|
title TEXT,
|
|
content TEXT,
|
|
author_id INTEGER REFERENCES author(id),
|
|
is_published BOOLEAN,
|
|
published_on TIMESTAMP
|
|
);
|
|
|
|
CREATE FUNCTION fetch_articles(search text, author_row author)
|
|
RETURNS SETOF article AS $$
|
|
SELECT *
|
|
FROM article
|
|
WHERE
|
|
( title ilike ('%' || search || '%')
|
|
OR content ilike ('%' || search || '%')
|
|
) AND author_id = author_row.id
|
|
$$ LANGUAGE sql STABLE;
|
|
CREATE TABLE resident (
|
|
id SERIAL PRIMARY KEY,
|
|
name TEXT NOT NULL UNIQUE,
|
|
age INTEGER NOT NULL,
|
|
is_user BOOLEAN DEFAULT FALSE NOT NULL
|
|
);
|
|
CREATE TABLE address (
|
|
id SERIAL PRIMARY KEY,
|
|
door_no TEXT NOT NULL,
|
|
street TEXT NOT NULL,
|
|
city TEXT NOT NULL,
|
|
resident_id INTEGER REFERENCES resident(id)
|
|
);
|
|
CREATE TABLE "Company" (
|
|
"id" SERIAL PRIMARY KEY,
|
|
"name" TEXT
|
|
);
|
|
CREATE TABLE blog (
|
|
id serial primary key,
|
|
title text not null,
|
|
content text,
|
|
author_id INTEGER REFERENCES author(id),
|
|
last_updated timestamptz,
|
|
updated_by INTEGER REFERENCES author(id)
|
|
);
|
|
CREATE TABLE computer (
|
|
id SERIAL PRIMARY KEY,
|
|
name TEXT NOT NULL,
|
|
spec JSONB NOT NULL
|
|
);
|
|
create table "user" (
|
|
id serial primary key,
|
|
name text not null unique,
|
|
is_admin boolean default false
|
|
);
|
|
|
|
create table account (
|
|
id serial primary key,
|
|
account_no integer not null
|
|
);
|
|
create table leads (
|
|
id serial primary key,
|
|
name text not null,
|
|
added_by text not null
|
|
);
|
|
create table items (
|
|
id serial primary key,
|
|
name text,
|
|
quantity int
|
|
);
|
|
create table order_cart (
|
|
id serial primary key,
|
|
item_id int not null references items(id),
|
|
quantity int
|
|
);
|
|
|
|
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: author
|
|
|
|
#Article table
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: article
|
|
|
|
- type: add_computed_field
|
|
args:
|
|
table: author
|
|
name: get_articles
|
|
definition:
|
|
function: fetch_articles
|
|
table_argument: author_row
|
|
|
|
#Create resident table
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: resident
|
|
|
|
#Create address table
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: address
|
|
|
|
#Create Company table
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: Company
|
|
|
|
#Object relationship
|
|
- type: create_object_relationship
|
|
args:
|
|
table: article
|
|
name: author
|
|
using:
|
|
foreign_key_constraint_on: author_id
|
|
|
|
#Array relationship
|
|
- type: create_array_relationship
|
|
args:
|
|
table: author
|
|
name: articles
|
|
using:
|
|
foreign_key_constraint_on:
|
|
table: article
|
|
column: author_id
|
|
|
|
#Article select permission for user
|
|
- type: create_select_permission
|
|
args:
|
|
table: article
|
|
role: user
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
$or:
|
|
- author_id: X-HASURA-USER-ID
|
|
- is_published: true
|
|
|
|
#Article select permission for restricted
|
|
- type: create_select_permission
|
|
args:
|
|
table: article
|
|
role: restricted
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
$or:
|
|
- author_id: X-HASURA-USER-ID
|
|
- is_published: true
|
|
|
|
#Article select permission for editor
|
|
- type: create_select_permission
|
|
args:
|
|
table: article
|
|
role: editor
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
$or:
|
|
- author_id:
|
|
$in: X-Hasura-Allowed-User-Ids
|
|
- is_published: true
|
|
|
|
#Article insert permission for user
|
|
- type: create_insert_permission
|
|
args:
|
|
table: article
|
|
role: user
|
|
permission:
|
|
check:
|
|
author_id: X-Hasura-User-Id
|
|
|
|
#Article insert permission for restricted
|
|
- type: create_insert_permission
|
|
args:
|
|
table: article
|
|
role: restricted
|
|
permission:
|
|
check:
|
|
author_id: X-Hasura-User-Id
|
|
|
|
#Article insert permission for editor
|
|
#Editor can create articles for some of the users
|
|
- type: create_insert_permission
|
|
args:
|
|
table: article
|
|
role: editor
|
|
permission:
|
|
check:
|
|
author_id:
|
|
$in: X-Hasura-Allowed-User-Ids
|
|
|
|
#Article udpate permission for user
|
|
- type: create_update_permission
|
|
args:
|
|
table: article
|
|
role: user
|
|
permission:
|
|
filter:
|
|
author_id: X-Hasura-User-Id
|
|
columns: '*'
|
|
|
|
#Article udpate permission for restricted
|
|
- type: create_update_permission
|
|
args:
|
|
table: article
|
|
role: restricted
|
|
permission:
|
|
filter:
|
|
author_id: X-Hasura-User-Id
|
|
columns: []
|
|
|
|
#Author select permission for user
|
|
- type: create_select_permission
|
|
args:
|
|
table: author
|
|
role: user
|
|
permission:
|
|
columns:
|
|
- id
|
|
- name
|
|
- is_registered
|
|
filter:
|
|
id: X-HASURA-USER-ID
|
|
|
|
#Author insert and update permission for user
|
|
#Only admin can set is_registered to true
|
|
- type: create_insert_permission
|
|
args:
|
|
table: author
|
|
role: user
|
|
permission:
|
|
check:
|
|
$and:
|
|
- id: X-HASURA-USER-ID
|
|
- is_registered: false
|
|
|
|
- type: create_update_permission
|
|
args:
|
|
table: author
|
|
role: user
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
$and:
|
|
- id: X-HASURA-USER-ID
|
|
- is_registered: false
|
|
|
|
#Author insert permission for student
|
|
#A Student should specify their Bio
|
|
- type: create_insert_permission
|
|
args:
|
|
table: author
|
|
role: student
|
|
permission:
|
|
check:
|
|
bio:
|
|
_is_null: false
|
|
|
|
#Company insert permission for user
|
|
- type: create_insert_permission
|
|
args:
|
|
table: Company
|
|
role: user
|
|
permission:
|
|
check:
|
|
id: X-HASURA-COMPANY-ID
|
|
|
|
#Company update permission for user
|
|
- type: create_update_permission
|
|
args:
|
|
table: Company
|
|
role: user
|
|
permission:
|
|
filter:
|
|
id: X-HASURA-COMPANY-ID
|
|
columns: '*'
|
|
|
|
#Company select permission for user
|
|
- type: create_select_permission
|
|
args:
|
|
table: Company
|
|
role: user
|
|
permission:
|
|
columns:
|
|
- id
|
|
- name
|
|
filter:
|
|
id: X-HASURA-COMPANY-ID
|
|
|
|
#Create insert permission for user on resident
|
|
- type: create_insert_permission
|
|
args:
|
|
table: resident
|
|
role: user
|
|
permission:
|
|
check:
|
|
id: X-Hasura-Resident-Id
|
|
set:
|
|
name: X-Hasura-Resident-Name
|
|
is_user: true
|
|
|
|
#Create select permission for user on resident
|
|
- type: create_select_permission
|
|
args:
|
|
table: resident
|
|
role: user
|
|
permission:
|
|
columns:
|
|
- id
|
|
- name
|
|
- age
|
|
- is_user
|
|
filter:
|
|
id: X-Hasura-Resident-Id
|
|
|
|
#Create insert permission for infant on resident
|
|
- type: create_insert_permission
|
|
args:
|
|
table: resident
|
|
role: infant
|
|
permission:
|
|
check:
|
|
id: X-Hasura-Infant-Id
|
|
set:
|
|
name: X-Hasura-Infant-Name
|
|
id: X-Hasura-Infant-Id
|
|
columns:
|
|
- age
|
|
|
|
#Create select permission for infant on resident
|
|
- type: create_select_permission
|
|
args:
|
|
table: resident
|
|
role: infant
|
|
permission:
|
|
columns:
|
|
- id
|
|
- name
|
|
- age
|
|
- is_user
|
|
filter:
|
|
id: X-Hasura-Infant-Id
|
|
|
|
#Create permissions for resident role on resident table
|
|
- type: create_insert_permission
|
|
args:
|
|
table: resident
|
|
role: resident
|
|
permission:
|
|
check:
|
|
id: X-Hasura-Resident-Id
|
|
|
|
- type: create_update_permission
|
|
args:
|
|
table: resident
|
|
role: resident
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
id: X-Hasura-Resident-Id
|
|
- type: create_select_permission
|
|
args:
|
|
table: resident
|
|
role: resident
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
id: X-Hasura-Resident-Id
|
|
|
|
|
|
#Create blog table
|
|
- type: track_table
|
|
args:
|
|
name: blog
|
|
schema: public
|
|
|
|
- type: create_select_permission
|
|
args:
|
|
table: blog
|
|
role: user
|
|
permission:
|
|
columns: '*'
|
|
filter:
|
|
author_id: X-Hasura-User-Id
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: blog
|
|
role: user
|
|
permission:
|
|
check: {}
|
|
|
|
- type: create_update_permission
|
|
args:
|
|
table: blog
|
|
role: user
|
|
permission:
|
|
columns:
|
|
- title
|
|
- content
|
|
filter: {}
|
|
set:
|
|
last_updated: NOW()
|
|
updated_by: X-Hasura-User-Id
|
|
|
|
- type: track_table
|
|
args:
|
|
name: computer
|
|
schema: public
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: computer
|
|
role: seller
|
|
permission:
|
|
check:
|
|
spec:
|
|
_has_keys_all: X-Hasura-Spec-Required-Keys
|
|
columns: '*'
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: computer
|
|
role: developer
|
|
permission:
|
|
check:
|
|
spec:
|
|
_has_keys_any: X-Hasura-Spec-Keys
|
|
columns: '*'
|
|
|
|
- type: create_select_permission
|
|
args:
|
|
table: computer
|
|
role: seller
|
|
permission:
|
|
columns: '*'
|
|
filter: {}
|
|
|
|
- type: create_select_permission
|
|
args:
|
|
table: computer
|
|
role: developer
|
|
permission:
|
|
columns: '*'
|
|
filter: {}
|
|
- type: track_table
|
|
args:
|
|
name: user
|
|
schema: public
|
|
|
|
- type: track_table
|
|
args:
|
|
name: account
|
|
schema: public
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: account
|
|
role: user
|
|
permission:
|
|
columns:
|
|
- account_no
|
|
check:
|
|
_exists:
|
|
_table: user
|
|
_where:
|
|
id: X-Hasura-User-Id
|
|
is_admin: true
|
|
|
|
- type: create_update_permission
|
|
args:
|
|
table: user
|
|
role: backend_user
|
|
permission:
|
|
check: {}
|
|
filter: {}
|
|
columns: '*'
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: user
|
|
role: backend_user
|
|
permission:
|
|
check: {}
|
|
columns: '*'
|
|
backend_only: true
|
|
set:
|
|
is_admin: true
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: user
|
|
role: backend_user_2
|
|
permission:
|
|
check: {}
|
|
columns: '*'
|
|
backend_only: true
|
|
set:
|
|
is_admin: true
|
|
|
|
- type: create_select_permission
|
|
args:
|
|
table: user
|
|
role: backend_user
|
|
permission:
|
|
columns: '*'
|
|
filter: {}
|
|
|
|
- type: create_select_permission
|
|
args:
|
|
table: user
|
|
role: backend_user_2
|
|
permission:
|
|
columns: '*'
|
|
filter: {}
|
|
|
|
- type: create_insert_permission
|
|
args:
|
|
table: user
|
|
role: user
|
|
permission:
|
|
check: {}
|
|
columns: '*'
|
|
backend_only: false
|
|
set:
|
|
is_admin: false
|
|
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: leads
|
|
|
|
|
|
# a sales role can add a new lead without any check
|
|
- type: create_insert_permission
|
|
args:
|
|
table: leads
|
|
role: sales
|
|
permission:
|
|
columns: [id, name, added_by]
|
|
check: {}
|
|
set: {}
|
|
|
|
# a sales role can only update the leads added by them
|
|
- type: create_update_permission
|
|
args:
|
|
table: leads
|
|
role: sales
|
|
permission:
|
|
columns: [name]
|
|
filter:
|
|
added_by: X-Hasura-User-Id
|
|
check:
|
|
name:
|
|
_ne: ''
|
|
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: items
|
|
|
|
- type: track_table
|
|
args:
|
|
schema: public
|
|
name: order_cart
|
|
|
|
- type: create_object_relationship
|
|
args:
|
|
table: order_cart
|
|
name: item
|
|
using:
|
|
foreign_key_constraint_on: item_id
|
|
|
|
# an user can add an item in the order_cart
|
|
# iff there are enough of the them present
|
|
- type: create_insert_permission
|
|
args:
|
|
table: order_cart
|
|
role: user
|
|
permission:
|
|
columns: [item_id, quantity]
|
|
check:
|
|
item:
|
|
quantity:
|
|
_cgte:
|
|
- $
|
|
- quantity
|
|
set: {}
|