hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-19 21:41:44 +03:00
Code Issues Projects Releases Wiki Activity
9128c69a80
graphql-engine/server/tests-py/queries/graphql_mutation/update/permissions/schema_setup.yaml

245 lines
4.5 KiB
YAML
Raw Blame History

type: bulk
args:
#Author table
- type: run_sql
args:
sql: |
create table author(
id serial primary key,
name text unique
);
- type: track_table
args:
schema: public
name: author
#Article table
- type: run_sql
args:
sql: |
CREATE TABLE article (
id SERIAL,
title TEXT,
version TEXT,
content TEXT,
author_id INTEGER REFERENCES author(id),
is_published BOOLEAN,
published_on TIMESTAMP,
PRIMARY KEY (id,version)
);
CREATE FUNCTION fetch_articles(search text, author_row author)
RETURNS SETOF article AS $$
SELECT *
FROM article
WHERE
( title ilike ('%' || search || '%')
OR content ilike ('%' || search || '%')
) AND author_id = author_row.id
$$ LANGUAGE sql STABLE;
- type: track_table
args:
schema: public
name: article
- type: add_computed_field
args:
table: author
name: get_articles
definition:
function: fetch_articles
table_argument: author_row
#Object relationship
- type: create_object_relationship
args:
table: article
name: author
using:
foreign_key_constraint_on: author_id
#Array relationship
- type: create_array_relationship
args:
table: author
name: articles
using:
foreign_key_constraint_on:
table: article
column: author_id
#Person table
- type: run_sql
args:
sql: |
CREATE TABLE person (
id SERIAL PRIMARY KEY,
details JSONB NOT NULL
)
- type: track_table
args:
schema: public
name: person
#Author select permission for user
- type: create_select_permission
args:
table: author
role: user
permission:
columns: '*'
filter:
id: X-HASURA-USER-ID
#Author update permission for user
- type: create_update_permission
args:
table: author
role: user
permission:
columns:
- name
filter:
id: X-Hasura-User-Id
#Article select permission for user
- type: create_select_permission
args:
table: article
role: user
permission:
columns: '*'
filter:
$or:
- author_id: X-HASURA-USER-ID
- is_published: true
#Article update permission for user
#Allow modifications only on unpublished articles
- type: create_update_permission
args:
table: article
role: user
permission:
columns:
- title
- content
- is_published
- published_on
- version
filter:
$and:
- author_id: X-HASURA-USER-ID
- is_published: false
check:
is_published: false
#Resident table
- type: run_sql
args:
sql: |
CREATE TABLE resident (
id SERIAL PRIMARY KEY,
name TEXT NOT NULL,
age INTEGER NOT NULL,
city TEXT NOT NULL
);
- type: track_table
args:
name: resident
schema: public
#Permissions
- type: create_select_permission
args:
table: resident
role: user1
permission:
filter: {}
columns: '*'
- type: create_update_permission
args:
table: resident
role: user1
permission:
filter: {}
columns: '*'
set:
city: melbourne
- type: create_select_permission
args:
table: resident
role: user2
permission:
filter: {}
columns: '*'
- type: create_update_permission
args:
table: resident
role: user2
permission:
filter: {}
columns: '*'
set:
city: X-Hasura-City
# Tables to test '_exist' field
- type: run_sql
args:
sql: |
create table "user" (
id serial primary key,
name text not null unique,
is_admin boolean default false
);
create table account (
id serial primary key,
account_no integer not null
);
- type: track_table
args:
name: user
schema: public
- type: track_table
args:
name: account
schema: public
- type: create_update_permission
args:
table: account
role: user
permission:
columns:
- account_no
filter:
_exists:
_table: user
_where:
id: X-Hasura-User-Id
is_admin: true
- type: create_select_permission
args:
table: account
role: user
permission:
columns:
- id
- account_no
filter:
_exists:
_table: user
_where:
id: X-Hasura-User-Id
is_admin: true
Reference in New Issue View Git Blame Copy Permalink