1
0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-19 13:31:43 +03:00
graphql-engine/server/tests-py/queries/graphql_query/permissions/setup.yaml
Antoine Leblanc d9fa299750
server: fix all EWKT warnings in python tests ()
The setup in several tests was using `ST_GeomFromText`, which expects
data in the OGC WKT format, but was providing the SRID in the text
itself, which is part of the EWKT format.

The fix was simply to replace all calls to `ST_GeomFromText` to
`ST_GeomFromEWKT`.
2020-03-23 20:48:09 -05:00

525 lines
10 KiB
YAML

type: bulk
args:
#Author table
- type: run_sql
args:
sql: |
create table author(
id serial primary key,
name text unique,
is_registered boolean not null default false,
remarks_internal text
);
- type: track_table
args:
schema: public
name: author
#Article table
- type: run_sql
args:
sql: |
CREATE TABLE article (
id SERIAL PRIMARY KEY,
title TEXT,
content TEXT,
author_id INTEGER NOT NULL REFERENCES author(id),
is_published BOOLEAN NOT NULL default FALSE,
published_on TIMESTAMP
)
- type: track_table
args:
schema: public
name: article
#Object relationship
- type: create_object_relationship
args:
name: author
table: article
using:
foreign_key_constraint_on: author_id
#Array relationship
- type: create_array_relationship
args:
table: author
name: articles
using:
foreign_key_constraint_on:
table: article
column: author_id
#Article select permission for user
- type: create_select_permission
args:
table: article
role: user
permission:
columns:
- id
- title
- content
- is_published
filter:
$or:
- author_id: X-HASURA-USER-ID
- is_published: true
#Article select permission for anonymous (only published articles)
- type: create_select_permission
args:
table: article
role: anonymous
permission:
columns:
- id
- title
- content
- is_published
filter:
is_published: true
#Article insert permission for user
- type: create_insert_permission
args:
table: article
role: user
permission:
check:
author_id: X-Hasura-User-Id
#Author select permission for user
- type: create_select_permission
args:
table: author
role: user
permission:
columns:
- id
- name
- is_registered
filter:
_or:
- id: X-HASURA-USER-ID
- articles:
is_published:
_eq: true
#Author select permission for anonymous users
#Only authors with atleast one article will be shown
- type: create_select_permission
args:
table: author
role: anonymous
permission:
columns:
- id
- name
filter:
articles:
is_published:
_eq: true
#Author insert permission for user
- type: create_insert_permission
args:
table: author
role: user
permission:
check:
id: X-HASURA-USER-ID
#Insert Author values
- type: insert
args:
table: author
objects:
- name: Author 1
remarks_internal: remark 1
- name: Author 2
remarks_internal: remark 2
- name: Author 3
remarks_internal: remark 3
#Insert Article values
- type: insert
args:
table: article
objects:
- title: Article 1
content: Sample article content 1
author_id: 1
is_published: false
- title: Article 2
content: Sample article content 2
author_id: 1
is_published: true
- title: Article 3
content: Sample article content 3
author_id: 2
is_published: true
- title: Article 4
content: Sample article content 4
author_id: 3
is_published: false
#Create Artist table
- type: run_sql
args:
sql: |
CREATE TABLE "Artist" (
id serial PRIMARY KEY ,
name text NOT NULL
);
- type: track_table
args:
schema: public
name: Artist
#Crete Track table
- type: run_sql
args:
sql: |
CREATE TABLE "Track" (
id serial PRIMARY KEY,
name text NOT NULL,
artist_id integer REFERENCES "Artist"("id")
);
- type: track_table
args:
schema: public
name: Track
# Insert data into Artist and Track table
- type: insert
args:
table: Artist
objects:
- name: Camilla
id: 1
- name: DSP
id: 2
- name: Akon
id: 3
- type: insert
args:
table: Track
objects:
- name: Keepup
artist_id: 1
id: 1
- name: Keepdown
artist_id: 1
id: 2
- name: Happy
artist_id: 2
id: 3
#Object relationship Track::artist_id -> Artist::id
- type: create_object_relationship
args:
name: Artist
table: Track
using:
foreign_key_constraint_on: artist_id
#Create select permssion on Track
- type: create_select_permission
args:
table: Track
role: Artist
permission:
columns: '*'
filter:
Artist:
id: X-Hasura-Artist-Id
allow_aggregations: true
#Create select permssion on Track using _in operator
- type: create_select_permission
args:
table: Artist
role: free_user_in
permission:
columns: '*'
filter:
name:
_in: X-Hasura-Free-Artists
#Create select permssion on Track using _nin operator
- type: create_select_permission
args:
table: Artist
role: free_user_nin
permission:
columns: '*'
filter:
name:
_nin: X-Hasura-Premium-Artists
# Create search_track function
- type: run_sql
args:
sql: |
create function search_tracks(search text)
returns setof "Track" as $$
select *
from "Track"
where
name ilike ('%' || search || '%')
$$ language sql stable;
- type: track_function
args:
name: search_tracks
schema: public
#Permission based on PostGIS operators
- type: run_sql
args:
sql: |
CREATE EXTENSION IF NOT EXISTS postgis;
- type: run_sql
args:
sql: |
DO $$
BEGIN
IF PostGIS_lib_version() ~ '^3.*' THEN
CREATE EXTENSION IF NOT EXISTS postgis_raster;
END IF;
END$$;
- type: run_sql
args:
sql: |
CREATE EXTENSION IF NOT EXISTS postgis_topology;
#Create table
- type: run_sql
args:
sql: |
CREATE TABLE geom_table(
id SERIAL PRIMARY KEY,
type TEXT NOT NULL,
geom_col geometry NOT NULL
);
- type: track_table
args:
name: geom_table
schema: public
#Create select permission using postgis operator
- type: create_select_permission
args:
table: geom_table
role: user1
permission:
columns:
- id
- type
- geom_col
filter:
geom_col:
$st_d_within:
distance: 1
from:
type: Polygon
crs:
type: name
properties:
name: urn:ogc:def:crs:EPSG::4326
coordinates:
- - - 2
- 0
- - 2
- 1
- - 3
- 1
- - 3
- 0
- - 2
- 0
#Create select permission using postgis operator and session variables
- type: create_select_permission
args:
table: geom_table
role: user2
permission:
columns:
- id
- type
- geom_col
filter:
geom_col:
$st_d_within:
distance: X-Hasura-Geom-Dist
from: X-Hasura-Geom-Val
#Insert data
- type: run_sql
args:
sql: |
INSERT INTO geom_table (type, geom_col)
VALUES
('point', ST_GeomFromEWKT('SRID=4326;POINT(1 2)')),
('linestring', ST_GeomFromEWKT('SRID=4326;LINESTRING(0 0, 0.5 1, 1 2, 1.5 3)')),
('linestring', ST_GeomFromEWKT('SRID=4326;LINESTRING(1 0, 0.5 0.5, 0 1)')),
('polygon', ST_GeomFromEWKT('SRID=4326;POLYGON((0 0, 0 1, 1 1, 1 0, 0 0))')),
('polygon', ST_GeomFromEWKT('SRID=4326;POLYGON((2 0, 2 1, 3 1, 3 0, 2 0))'))
;
#Permission based on JSONB operators
- type: run_sql
args:
sql: |
CREATE TABLE jsonb_table(
id INTEGER NOT NULL PRIMARY KEY,
jsonb_col jsonb NOT NULL
);
- type: track_table
args:
name: jsonb_table
schema: public
#Insert data
- type: insert
args:
table: jsonb_table
objects:
- id: 1
jsonb_col:
name: Hasura
age: 7
- id: 2
jsonb_col:
name: Cross
#Create select permission using jsonb operator
- type: create_select_permission
args:
table: jsonb_table
role: user1
permission:
columns:
- id
- jsonb_col
filter:
jsonb_col:
$has_key: age
- type: create_select_permission
args:
table: jsonb_table
role: user2
permission:
columns:
- id
- jsonb_col
filter:
jsonb_col:
$has_key: X-Hasura-Has-Key
# Using jsonb column and $has_keys_any operator
- type: create_select_permission
args:
table: jsonb_table
role: user4
permission:
columns:
- id
- jsonb_col
filter:
jsonb_col:
$has_keys_any: X-Hasura-Json-Keys
# Using jsonb column and $has_keys_all operator
- type: create_select_permission
args:
table: jsonb_table
role: user5
permission:
columns:
- id
- jsonb_col
filter:
jsonb_col:
$has_keys_all: X-Hasura-Json-Required-Keys
#Create grade_point table
- type: run_sql
args:
sql: |
CREATE TABLE gpa (
id serial primary key,
student_name text not null,
gpa_score double precision not null
);
INSERT INTO gpa (student_name, gpa_score) VALUES
('clarke', 9.24), ('george', 8.32),
('blake', 7.34), ('leonel', 9.56);
CREATE FUNCTION passed_students (pass_gpa double precision)
RETURNS SETOF gpa as $$
SELECT * FROM gpa WHERE
gpa_score >= pass_gpa
$$ language SQL STABLE;
- type: track_table
args:
name: gpa
schema: public
- type: track_function
args:
name: passed_students
schema: public
- type: create_select_permission
args:
table: gpa
role: staff
permission:
columns:
- id
- student_name
filter: {}
#Auction table
- type: run_sql
args:
sql: |
CREATE TABLE auction (
id serial primary key,
price integer not null DEFAULT 250,
bid_price integer
);
INSERT INTO auction
(bid_price)
VALUES
(100), (120), (300), (260)
;
- type: track_table
args:
name: auction
schema: public
- type: create_select_permission
args:
role: user
table: auction
permission:
filter:
bid_price:
$cgt: price
columns:
- id
- bid_price