hasura/graphql-engine
1
0
Fork 0
mirror of https://github.com/hasura/graphql-engine.git synced 2024-12-18 04:51:35 +03:00
Code Issues Projects Releases Wiki Activity
ffad733bd3
graphql-engine/server/tests-py/queries/graphql_query/functions/permissions/setup.yaml
Philip Lykke Carlsen c4536e801c Correctly translate permissions on functions to SQL, and simplify Bool Exp IR 
Prior to this change, the SQL expression that resulted from translating permissions on functions would refer to the table of the function's return type, rather than the set of rows selected from the function being called.

Now the SQL that results from translating permissions correctly refer to the selected rows.

This PR also contains the suggested additions of https://github.com/hasura/graphql-engine-mono/pull/2563#discussion_r726116863, which simplifies the Boolean Expression IR, but in turn makes the Schema Dependency Discovery algorithm work a bit harder.

We are changing the definition of `data OpExpG`, but the format accepted by its JSON parser remains unchanged. While there does exist a generically derived `instance ToJSON OpExpG` this is only used in the (unpublished) `/v1/metadata/dump_internal_state` API.

PR-URL: https://github.com/hasura/graphql-engine-mono/pull/2609
Co-authored-by: Gil Mizrahi <8547573+soupi@users.noreply.github.com>
GitOrigin-RevId: bb9a0b4addbc239499dd2268909220196984df72
2021-10-18 09:17:42 +00:00

139 lines
3.3 KiB
YAML
Raw Blame History

type: bulk
args:
- type: run_sql
args:
sql: |
create table author(
id serial primary key,
name text unique,
is_registered boolean not null default false,
remarks_internal text
);
INSERT INTO author (name, remarks_internal)
VALUES
('Author 1', 'remark 1'),
('Author 2', 'remark 2'),
('Author 3', 'remark 3');
CREATE TABLE article (
id SERIAL PRIMARY KEY,
title TEXT,
content TEXT,
author_id INTEGER NOT NULL REFERENCES author(id),
is_published BOOLEAN NOT NULL default FALSE,
published_on TIMESTAMP
);
INSERT INTO article (title, content, author_id, is_published)
VALUES
('Article 1', 'Sample article content 1', 1, false),
('Article 2', 'Sample article content 2', 1, true),
('Article 3', 'Sample article content 3', 2, true),
('Article 4', 'Sample article content 4', 3, false);
CREATE FUNCTION get_articles(search text)
RETURNS SETOF article AS $$
SELECT *
FROM article
WHERE
title ilike ('%' || search || '%')
OR content ilike ('%' || search || '%')
$$ LANGUAGE sql STABLE;
- type: track_table
args:
table: author
- type: track_table
args:
table: article
- type: track_function
args:
name: get_articles
schema: public
- type: create_select_permission
args:
table: article
role: user
permission:
columns:
- title
- content
- is_published
filter:
_or:
- id: X-HASURA-USER-ID
- is_published:
_eq: true
# for table permissions over functions
# See https://github.com/hasura/graphql-engine/issues/7617
- type: run_sql
args:
sql: |
create table message (
id serial primary key,
content text not null,
channel_id integer not null,
user_id integer not null,
post_date timestamptz not null
);
create table channel_member (
channel_id integer not null,
user_id integer not null,
join_date timestamptz not null
);
create function get_messages()
returns setof message as $$
select *
from message
$$ language sql stable;
INSERT INTO message (id, content, channel_id, user_id, post_date)
VALUES
(1, 'content 1', 1, 1, '02-02-2001'),
(2, 'content 2', 1, 2, '04-04-2001'),
(3, 'content 3', 1, 2, '05-04-2001');
INSERT INTO channel_member (channel_id, user_id, join_date)
VALUES
(1, 1, '01-01-2001'),
(1, 2, '03-03-2001'),
(1, 3, '05-05-2001');
- type: track_table
args:
table: message
- type: track_table
args:
table: channel_member
- type: track_function
args:
name: get_messages
- type: create_array_relationship
args:
table: message
name: members
using:
manual_configuration:
column_mapping:
channel_id: channel_id
remote_table:
name: channel_member
schema: public
- type: create_select_permission
args:
table: message
role: user
permission:
columns: "*"
filter: {"members":{"_and":[{"user_id":{"_eq":"X-Hasura-User-Id"}},{"join_date":{"_clt":["$","post_date"]}}]}}
Reference in New Issue View Git Blame Copy Permalink