这是indexloc提供的服务,不要输入任何密码
Skip to content

update allowed queries in schema cache on add/drop queries to collection (fix #2221) #2230

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
May 20, 2019
Merged

update allowed queries in schema cache on add/drop queries to collection (fix #2221) #2230

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0e90aea
update allowed queries in schema cache on add/drop queries to collect…
rakeshkky May 20, 2019
98fc16f
Merge branch 'master' into issue-2221-allowlist-refresh
rakeshkky May 20, 2019
091aa20
Merge branch 'master' into issue-2221-allowlist-refresh
0x777 May 20, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 16 additions & 6 deletions server/src-lib/Hasura/RQL/DDL/QueryCollection.hs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ runCreateCollection cc = do
CreateCollection collName def _ = cc

runAddQueryToCollection
:: (QErrM m, UserInfoM m, MonadTx m)
:: (QErrM m, CacheRWM m, UserInfoM m, MonadTx m)
=> AddQueryToCollection -> m EncJSON
runAddQueryToCollection (AddQueryToCollection collName queryName query) = do
adminOnly
Expand All @@ -65,7 +65,8 @@ runAddQueryToCollection (AddQueryToCollection collName queryName query) = do
<> queryName <<> " already exists in collection " <>> collName

let collDef = CollectionDef $ qList <> pure listQ
liftTx $ updateCollectionDefCatalog collName collDef
collInAllowlist <- liftTx $ updateCollectionDefCatalog collName collDef
when collInAllowlist refreshAllowlist
return successMsg
where
listQ = ListedQuery queryName query
Expand All @@ -91,7 +92,7 @@ runDropCollection (DropCollection collName cascade) = do
return successMsg

runDropQueryFromCollection
:: (QErrM m, UserInfoM m, MonadTx m)
:: (QErrM m, CacheRWM m, UserInfoM m, MonadTx m)
=> DropQueryFromCollection -> m EncJSON
runDropQueryFromCollection (DropQueryFromCollection collName queryName) = do
adminOnly
Expand All @@ -101,7 +102,8 @@ runDropQueryFromCollection (DropQueryFromCollection collName queryName) = do
<> queryName <<> " not found in collection " <>> collName
let collDef = CollectionDef $ flip filter qList $
\q -> _lqName q /= queryName
liftTx $ updateCollectionDefCatalog collName collDef
collInAllowlist <- liftTx $ updateCollectionDefCatalog collName collDef
when collInAllowlist refreshAllowlist
return successMsg

runAddCollectionToAllowlist
Expand Down Expand Up @@ -193,15 +195,23 @@ delCollectionFromCatalog name =
|] (Identity name) True

updateCollectionDefCatalog
:: CollectionName -> CollectionDef -> Q.TxE QErr ()
updateCollectionDefCatalog collName def =
:: CollectionName -> CollectionDef -> Q.TxE QErr Bool
updateCollectionDefCatalog collName def = do
-- Update definition
Q.unitQE defaultTxErrorHandler [Q.sql|
UPDATE hdb_catalog.hdb_query_collection
SET collection_defn = $1
WHERE collection_name = $2
|] (Q.AltJ def, collName) True

-- Check whether collection present in allowlist
runIdentity . Q.getRow <$> Q.withQE defaultTxErrorHandler
[Q.sql|
SELECT EXISTS (
SELECT 1 FROM hdb_catalog.hdb_allowlist WHERE collection_name = $1
)
|] (Identity collName) True

addCollectionToAllowlistCatalog :: CollectionName -> Q.TxE QErr ()
addCollectionToAllowlistCatalog collName =
Q.unitQE defaultTxErrorHandler [Q.sql|
Expand Down
45 changes: 45 additions & 0 deletions server/tests-py/queries/graphql_query/allowlist/update_query.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
- description: Delete query from collection
url: /v1/query
status: 200
query:
type: drop_query_from_collection
args:
collection_name: collection_1
query_name: query_1

- description: Add query to collection
url: /v1/query
status: 200
query:
type: add_query_to_collection
args:
collection_name: collection_1
query_name: query_1
query: |
query {
user{
id
name
}
}

- description: Query as user
url: /v1/graphql
status: 200
headers:
X-Hasura-Role: user
response:
data:
user:
- id: 1
name: clarke
- id: 2
name: reckler
query:
query: |
query {
user{
id
name
}
}
5 changes: 5 additions & 0 deletions server/tests-py/test_allowlist_queries.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,11 @@ def test_query_non_allowlist(self, hge_ctx, transport):
def test_query_as_admin(self, hge_ctx, transport):
check_query_f(hge_ctx, self.dir() + '/query_as_admin.yaml', transport)

def test_update_query(self, hge_ctx, transport):
# test only for http
transport = 'http'
check_query_f(hge_ctx, self.dir() + '/update_query.yaml', transport)

@classmethod
def dir(cls):
return 'queries/graphql_query/allowlist'