这是indexloc提供的服务,不要输入任何密码
Skip to content

Support JSON arrays in session variables #1799

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
wants to merge 10 commits into from
Closed

Support JSON arrays in session variables #1799

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
9d61823
Support JSON arrays in session variables
nizar-m Mar 18, 2019
554e647
Tests for JSON arrays in session variables
nizar-m Mar 19, 2019
00864a5
Unexpected payload error message when the input to parseMany is a str…
nizar-m Mar 19, 2019
d80694e
Merge branch 'master' of github.com:hasura/graphql-engine into issue-…
nizar-m Mar 26, 2019
20202f5
handle string value for array operators in console permission builder
rikinsk Mar 26, 2019
30d2a87
change array session var suggestion
rikinsk Mar 26, 2019
e362ee8
Add support for has_keys_any and has_keys_all in RQL
nizar-m Mar 26, 2019
dd12d82
Merge branch 'master' of github.com:hasura/graphql-engine into issue-…
nizar-m Mar 26, 2019
5c26c1b
Tests far `has_keys_any` and `has_keys_all`
nizar-m Mar 27, 2019
06abe03
update docs
rikinsk Apr 15, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 25 additions & 5 deletions console/src/components/Services/Data/TablePermissions/PermissionBuilder/PermissionBuilder.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -473,25 +473,42 @@ class PermissionBuilder extends React.Component {
};

const renderValueArray = (dispatchFunc, values, prefix, valueType) => {
const _inputArray = [];
const dispatchInput = val => {
dispatchFunc({ prefix: prefix, value: val });
};

const sessionVariableSuggestion = () => {
return renderSuggestion(dispatchInput, 'X-Hasura-Allowed-Ids');
};

const inputArray = [];

(values || []).concat(['']).map((val, i) => {
const input = renderValue(
dispatchFunc,
val,
addToPrefix(prefix, i),
valueType
);
_inputArray.push(input);
inputArray.push(input);
});

const unselectedElements = [(values || []).length];

return (
const _inputArray = (
<QueryBuilderJson
element={_inputArray}
element={inputArray}
unselectedElements={unselectedElements}
/>
);

const _suggestion = sessionVariableSuggestion(dispatchInput);

return (
<span>
{_inputArray} {_suggestion}
</span>
);
};

const renderOperatorExp = (dispatchFunc, expression, prefix, valueType) => {
Expand Down Expand Up @@ -529,7 +546,10 @@ class PermissionBuilder extends React.Component {

let _valueInput = '';
if (operator) {
if (isArrayTypeColumnOperator(operator)) {
if (
isArrayTypeColumnOperator(operator) &&
operationValue instanceof Array
) {
_valueInput = renderValueArray(
dispatchFunc,
operationValue,
Expand Down
2 changes: 1 addition & 1 deletion docs/graphql/manual/api-reference/schema-metadata-api/index.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -221,5 +221,5 @@ Error codes
Relationships <relationship>
Permissions <permission>
Event Triggers <event-triggers>
Syntax definitions <syntax-defs>
Common syntax definitions <syntax-defs>

22 changes: 14 additions & 8 deletions docs/graphql/manual/api-reference/schema-metadata-api/syntax-defs.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
Schema/Metadata API reference: Syntax definitions
=================================================
Schema/Metadata API Reference: Common syntax definitions
========================================================

.. contents:: Table of contents
:backlinks: none
Expand Down Expand Up @@ -248,7 +248,7 @@ ColumnExp
Operator
^^^^^^^^

Generic operators (all column types except json, jsonb) :
**Generic operators (all column types except json, jsonb) :**

- ``"$eq"``
- ``"$ne"``
Expand All @@ -259,7 +259,7 @@ Generic operators (all column types except json, jsonb) :
- ``"$gte"``
- ``"$lte"``

Text related operators :
**Text related operators :**

- ``"$like"``
- ``"$nlike"``
Expand All @@ -268,7 +268,7 @@ Text related operators :
- ``"$similar"``
- ``"$nsimilar"``

Operators for comparing columns (all column types except json, jsonb):
**Operators for comparing columns (all column types except json, jsonb):**

- ``"$ceq"``
- ``"$cne"``
Expand All @@ -277,11 +277,11 @@ Operators for comparing columns (all column types except json, jsonb):
- ``"$cgte"``
- ``"$clte"``

Checking for NULL values :
**Checking for NULL values :**

- ``_is_null`` (takes true/false as values)

JSONB operators :
**JSONB operators :**

.. list-table::
:header-rows: 1
Expand All @@ -294,8 +294,14 @@ JSONB operators :
- ``<@``
* - ``_has_key``
- ``?``
* - ``_has_keys_any``
- ``?|``
* - ``_has_keys_all``
- ``?&``

PostGIS related operators on GEOMETRY columns:
(For more details on what these operators do, refer to `Postgres docs <https://www.postgresql.org/docs/current/static/functions-json.html#FUNCTIONS-JSONB-OP-TABLE>`__.)

**PostGIS related operators on GEOMETRY columns:**

.. list-table::
:header-rows: 1
Expand Down
2 changes: 0 additions & 2 deletions docs/graphql/manual/auth/basics.rst
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -109,8 +109,6 @@ You can notice above how the same query now only includes the right slice of dat
This rule reads as: allow selecting an article if it was published after "31-12-2018" and its author is the current
user.

**Note:** The operators ``_has_keys_all`` and ``_has_keys_any`` are currently not supported in permission rules

.. _restrict_columns:

Restrict access to certain columns
Expand Down
8 changes: 4 additions & 4 deletions server/src-lib/Hasura/GraphQL/Resolve/BoolExp.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -31,8 +31,8 @@ parseOpExps colTy annVal = do
"_neq" -> fmap (ANE True) <$> asPGColValM v
"_is_null" -> resolveIsNull v

"_in" -> fmap (AIN . catMaybes) <$> parseMany asPGColValM v
"_nin" -> fmap (ANIN . catMaybes) <$> parseMany asPGColValM v
"_in" -> fmap (AIN . Right . catMaybes) <$> parseMany asPGColValM v
"_nin" -> fmap (ANIN . Right . catMaybes) <$> parseMany asPGColValM v

"_gt" -> fmap AGT <$> asPGColValM v
"_lt" -> fmap ALT <$> asPGColValM v
Expand All @@ -52,8 +52,8 @@ parseOpExps colTy annVal = do
"_contains" -> fmap AContains <$> asPGColValM v
"_contained_in" -> fmap AContainedIn <$> asPGColValM v
"_has_key" -> fmap AHasKey <$> asPGColValM v
"_has_keys_any" -> fmap AHasKeysAny <$> parseMany asPGColText v
"_has_keys_all" -> fmap AHasKeysAll <$> parseMany asPGColText v
"_has_keys_any" -> fmap (AHasKeysAny . Right . catMaybes) <$> parseMany asPGColValM v
"_has_keys_all" -> fmap (AHasKeysAll . Right . catMaybes) <$> parseMany asPGColValM v

-- geometry/geography type related operators
"_st_contains" -> fmap ASTContains <$> asPGColValM v
Expand Down
2 changes: 1 addition & 1 deletion server/src-lib/Hasura/RQL/DDL/Permission.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -112,7 +112,7 @@ procSetObj ti mObj = do
fmap HM.fromList $ forM (HM.toList setObj) $ \(pgCol, val) -> do
ty <- askPGType fieldInfoMap pgCol $
"column " <> pgCol <<> " not found in table " <>> tn
sqlExp <- valueParser ty val
sqlExp <- (vpParseOne valueParser) ty val
return (pgCol, sqlExp)
let deps = map (mkColDep "on_type" tn . fst) $ HM.toList setColsSQL
return (setColsSQL, depHeaders, deps)
Expand Down
41 changes: 30 additions & 11 deletions server/src-lib/Hasura/RQL/DDL/Permission/Internal.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -203,20 +203,39 @@ getDependentHeaders :: BoolExp -> [T.Text]
getDependentHeaders (BoolExp boolExp) =
flip foldMap boolExp $ \(ColExp _ v) -> getDepHeadersFromVal v

valueParser :: (MonadError QErr m) => PGColType -> Value -> m S.SQLExp
valueParser columnType = \case
-- When it is a special variable
val@(String t)
| isUserVar t -> return $ fromCurSess t
| isReqUserId t -> return $ fromCurSess userIdHeader
| otherwise -> txtRHSBuilder columnType val
-- Typical value as Aeson's value
val -> txtRHSBuilder columnType val
valueParser :: (MonadError QErr m) => ValueParser m S.SQLExp
valueParser = ValueParser parseOne parseMany
where
parseOne columnType = \case
-- When it is a special variable
val@(String t)
| isUserVar t -> return $ fromCurSess t columnType
| isReqUserId t -> return $ fromCurSess userIdHeader columnType
| otherwise -> txtRHSBuilder columnType val
-- Typical value as Aeson's value
val -> txtRHSBuilder columnType val

curSess = S.SEUnsafe "current_setting('hasura.user')::json"
fromCurSess hdr = withAnnTy $ withGeoVal columnType $
fromCurSess hdr colTy = withAnnTy $ withGeoVal colTy $
S.SEOpApp (S.SQLOp "->>") [curSess, S.SELit $ T.toLower hdr]
withAnnTy v = S.SETyAnn v $ S.AnnType $ T.pack $ show columnType
where withAnnTy v = S.SETyAnn v $ S.AnnType $ T.pack $ show colTy

qualJsonArrElemsTxtF = QualifiedObject (SchemaName "pg_catalog") arrElemsTextF
arrElemsTextF = FunctionName "json_array_elements_text"
selJsonArrElems colTy x = S.mkSelect
{ S.selExtr = [flip S.Extractor Nothing $ withGeoVal colTy (S.SEIden $ toIden arrElemsTextF) `S.SETyAnn` colTyAnn]
, S.selFrom = Just $ S.FromExp [S.mkFuncFromItem qualJsonArrElemsTxtF [x]]
}
where colTyAnn = S.AnnType $ T.pack $ show colTy

parseMany columnType v = case v of
(String t)
| isUserVar t -> return $ Left $ selJsonArrElems columnType $ fromCurSess t PGJSON
| otherwise -> throw400 UnexpectedPayload "Expected Array, encountered String"

val -> do
vals <- runAesonParser parseJSON val
fmap Right $ indexedForM vals (parseOne columnType)

injectDefaults :: QualifiedTable -> QualifiedTable -> Q.Query
injectDefaults qv qt =
Expand Down
25 changes: 12 additions & 13 deletions server/src-lib/Hasura/RQL/DDL/QueryTemplate.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -57,20 +57,19 @@ $(deriveJSON (aesonDrop 3 snakeCase){omitNothingFields=True} ''CreateQueryTempla

validateParam
:: (QErrM m)
=> PGColType
-> Value
-> m PS.SQLExp
validateParam pct val =
case val of
Object _ -> do
tpc <- decodeValue val
withPathK "default" $
maybe (return ()) validateDefault $ tpcDefault tpc
return $ PS.SELit "NULL"
_ -> txtRHSBuilder pct val
=> ValueParser m PS.SQLExp
validateParam = defaultValueParser parseOne
where
validateDefault =
void . runAesonParser (convToBin pct)
parseOne pct val = case val of
Object _ -> do
tpc <- decodeValue val
withPathK "default" $
maybe (return ()) validateDefault $ tpcDefault tpc
return $ PS.SELit "NULL"
_ -> txtRHSBuilder pct val
where
validateDefault =
void . runAesonParser (convToBin pct)

mkSelQ :: (QErrM m) => SelectQueryT -> m SelectQuery
mkSelQ (DMLQuery tn (SelectG c w o lim offset)) = do
Expand Down
3 changes: 1 addition & 2 deletions server/src-lib/Hasura/RQL/DML/Count.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ module Hasura.RQL.DML.Count
, countQToTx
) where

import Data.Aeson
import Instances.TH.Lift ()

import qualified Data.ByteString.Builder as BB
Expand Down Expand Up @@ -73,7 +72,7 @@ mkSQLCount (CountQueryP1 tn (permFltr, mWc) mDistCols) =
-- SELECT count(*) FROM (SELECT * FROM .. WHERE ..) r;
validateCountQWith
:: (UserInfoM m, QErrM m, CacheRM m)
=> (PGColType -> Value -> m S.SQLExp)
=> ValueParser m S.SQLExp
-> CountQuery
-> m CountQueryP1
validateCountQWith prepValBuilder (CountQuery qt mDistCols mWhere) = do
Expand Down
3 changes: 1 addition & 2 deletions server/src-lib/Hasura/RQL/DML/Delete.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ module Hasura.RQL.DML.Delete
, runDelete
) where

import Data.Aeson
import Instances.TH.Lift ()

import qualified Data.Sequence as DS
Expand Down Expand Up @@ -53,7 +52,7 @@ getDeleteDeps (DeleteQueryP1 tn (_, wc) mutFlds allCols) =

validateDeleteQWith
:: (UserInfoM m, QErrM m, CacheRM m)
=> (PGColType -> Value -> m S.SQLExp)
=> ValueParser m S.SQLExp
-> DeleteQuery
-> m DeleteQueryP1
validateDeleteQWith prepValBuilder (DeleteQuery tableName rqlBE mRetCols) = do
Expand Down
4 changes: 2 additions & 2 deletions server/src-lib/Hasura/RQL/DML/Insert.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -168,7 +168,7 @@ buildConflictClause tableInfo inpCols (OnConflict mTCol mTCons act) =
convInsertQuery
:: (UserInfoM m, QErrM m, CacheRM m)
=> (Value -> m [InsObj])
-> (PGColType -> Value -> m S.SQLExp)
-> ValueParser m S.SQLExp
-> InsertQuery
-> m InsertQueryP1
convInsertQuery objsParser prepFn (InsertQuery tableName val oC mRetCols) = do
Expand Down Expand Up @@ -207,7 +207,7 @@ convInsertQuery objsParser prepFn (InsertQuery tableName val oC mRetCols) = do
insView = ipiView insPerm

insTuples <- withPathK "objects" $ indexedForM insObjs $ \obj ->
convObj prepFn defInsVals setInsVals fieldInfoMap obj
convObj (vpParseOne prepFn) defInsVals setInsVals fieldInfoMap obj
let sqlExps = map snd insTuples
inpCols = HS.toList $ HS.fromList $ concatMap fst insTuples

Expand Down
19 changes: 10 additions & 9 deletions server/src-lib/Hasura/RQL/DML/Internal.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,6 @@ import Hasura.SQL.Types
import Hasura.SQL.Value

import Control.Lens
import Data.Aeson.Types

import qualified Data.HashMap.Strict as M
import qualified Data.HashSet as HS
Expand Down Expand Up @@ -144,13 +143,15 @@ checkPermOnCol pt allowedCols pgCol = do
, permTypeToCode pt <> " column " <>> pgCol
]

binRHSBuilder
:: PGColType -> Value -> DMLP1 S.SQLExp
binRHSBuilder colType val = do
preparedArgs <- get
binVal <- runAesonParser (convToBin colType) val
put (preparedArgs DS.|> binVal)
return $ toPrepParam (DS.length preparedArgs + 1) colType
binRHSBuilder :: ValueParser DMLP1 S.SQLExp
binRHSBuilder = defaultValueParser parseOne
where
parseOne colType val = do
preparedArgs <- get
binVal <- runAesonParser (convToBin colType) val
put (preparedArgs DS.|> binVal)
return $ toPrepParam (DS.length preparedArgs + 1) colType


fetchRelTabInfo
:: (QErrM m, CacheRM m)
Expand Down Expand Up @@ -210,7 +211,7 @@ convBoolExp'
=> FieldInfoMap
-> SelPermInfo
-> BoolExp
-> (PGColType -> Value -> m S.SQLExp)
-> ValueParser m S.SQLExp
-> m AnnBoolExpSQL
convBoolExp' cim spi be prepValBuilder = do
abe <- annBoolExp prepValBuilder cim be
Expand Down
4 changes: 2 additions & 2 deletions server/src-lib/Hasura/RQL/DML/QueryTemplate.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@ buildPrepArg args pct val =
Object _ -> do
tpc <- decodeValue val
v <- getParamValue args tpc
modifyErr (withParamErrMsg tpc) $ binRHSBuilder pct v
modifyErr (withParamErrMsg tpc) $ (vpParseOne binRHSBuilder) pct v
_ -> txtRHSBuilder pct val
where
withParamErrMsg tpc t =
Expand Down Expand Up @@ -109,7 +109,7 @@ convQT args qt = case qt of
v <- getParamValue args tpc
R.decodeInsObjs v

f = buildPrepArg args
f = defaultValueParser $ buildPrepArg args

execQueryTemplateP1
:: (UserInfoM m, QErrM m, CacheRM m, HasSQLGenCtx m)
Expand Down
7 changes: 3 additions & 4 deletions server/src-lib/Hasura/RQL/DML/Select.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,6 @@ module Hasura.RQL.DML.Select
)
where

import Data.Aeson.Types
import Instances.TH.Lift ()

import qualified Data.HashMap.Strict as HM
Expand Down Expand Up @@ -145,7 +144,7 @@ convSelectQ
=> FieldInfoMap -- Table information of current table
-> SelPermInfo -- Additional select permission info
-> SelectQExt -- Given Select Query
-> (PGColType -> Value -> m S.SQLExp)
-> ValueParser m S.SQLExp
-> m AnnSel
convSelectQ fieldInfoMap selPermInfo selQ prepValBuilder = do

Expand Down Expand Up @@ -208,7 +207,7 @@ convExtRel
-> RelName
-> Maybe RelName
-> SelectQExt
-> (PGColType -> Value -> m S.SQLExp)
-> ValueParser m S.SQLExp
-> m (Either ObjSel ArrSel)
convExtRel fieldInfoMap relName mAlias selQ prepValBuilder = do
-- Point to the name key
Expand Down Expand Up @@ -280,7 +279,7 @@ getSelectDeps (AnnSelG flds tabFrm _ tableArgs _) =

convSelectQuery
:: (UserInfoM m, QErrM m, CacheRM m, HasSQLGenCtx m)
=> (PGColType -> Value -> m S.SQLExp)
=> ValueParser m S.SQLExp
-> SelectQuery
-> m AnnSel
convSelectQuery prepArgBuilder (DMLQuery qt selQ) = do
Expand Down
Loading