hasura · 0x777 · Nov 2, 2018 · Nov 1, 2018 · Nov 1, 2018 · Nov 2, 2018
@@ -201,9 +201,7 @@ getDependentHeaders boolExp = case boolExp of
         | otherwise -> []
       _ -> []
     parseObject o = flip concatMap (M.toList o) $ \(k, v) ->
-                             if isRQLOp k
-                             then parseOnlyString v
-                             else []
+                      bool (parseValue v) (parseOnlyString v) $ isRQLOp k
 
 valueParser :: (MonadError QErr m) => PGColType -> Value -> m S.SQLExp
 valueParser columnType = \case

@@ -0,0 +1,19 @@
+description: Artist can only select his/her tracks.
+url: /v1alpha1/graphql
+status: 200
+headers:
+  X-Hasura-Role: Artist
+  X-Hasura-Artist-Id: '2'
+response:
+  data:
+    Track:
+    - id: 3
+      name: Happy
+query:
+  query: |
+    query {
+      Track {
+        id
+        name
+      }
+    }
@@ -0,0 +1,18 @@
+description: Artist can only select his/her tracks. Without sending header (Error)
+url: /v1alpha1/graphql
+status: 400
+headers:
+  X-Hasura-Role: Artist
+response:
+  errors:
+  - path: "$"
+    error: '"x-hasura-artist-id" header is expected but not found'
+    code: not-found
+query:
+  query: |
+    query {
+      Track {
+        id
+        name
+      }
+    }
@@ -168,3 +168,79 @@ args:
       content: Sample article content 4
       author_id: 3
       is_published: false
+
+#Create Artist table
+- type: run_sql
+  args:
+    sql: |
+      CREATE TABLE "Artist" (
+        id serial PRIMARY KEY ,
+        name text NOT NULL
+      );
+
+- type: track_table
+  args:
+    schema: public
+    name: Artist
+
+#Crete Track table
+- type: run_sql
+  args:
+    sql: |
+      CREATE TABLE "Track" (
+        id serial PRIMARY KEY,
+        name text NOT NULL,
+        artist_id integer REFERENCES "Artist"("id")
+      );
+
+- type: track_table
+  args:
+    schema: public
+    name: Track
+
+# Insert data into Artist and Track table
+- type: insert
+  args:
+    table: Artist
+    objects:
+    - name: Camilla
+      id: 1
+    - name: DSP
+      id: 2
+    - name: Akon
+      id: 3
+
+- type: insert
+  args:
+    table: Track
+    objects:
+    - name: Keepup
+      artist_id: 1
+      id: 1
+    - name: Keepdown
+      artist_id: 1
+      id: 2
+    - name: Happy
+      artist_id: 2
+      id: 3
+
+#Object relationship Track::artist_id -> Artist::id
+- type: create_object_relationship
+  args:
+    name: Artist
+    table: Track
+    using:
+      foreign_key_constraint_on: artist_id
+
+#Create select permssion on Track
+- type: create_select_permission
+  args:
+    table: Track
+    role: Artist
+    permission:
+      columns: '*'
+      filter:
+        Artist:
+          id: X-Hasura-Artist-Id
+
+
@@ -12,3 +12,15 @@ args:
     sql: |
       drop table author
     cascade: true
+
+- type: run_sql
+  args:
+    sql: |
+      drop table "Track"
+    cascade: true
+
+- type: run_sql
+  args:
+    sql: |
+      drop table "Artist"
+    cascade: true
@@ -1,35 +1,35 @@
-description: Reload schema cache (metadata)
+description: Export schema cache (metadata)
 url: /v1/query
 status: 200
 response:
-  query_templates: []
   tables:
   - table: author
+    object_relationships: []
     array_relationships:
-    - name: articles
-      using:
+    - using:
         foreign_key_constraint_on:
           column: author_id
           table: article
+      name: articles
       comment: List all articles of the author
-    select_permissions: []
-    object_relationships: []
-    event_triggers: []
     insert_permissions: []
+    select_permissions: []
     update_permissions: []
     delete_permissions: []
+    event_triggers: []
   - table: article
     object_relationships:
-    - name: author
-      using:
+    - using:
         foreign_key_constraint_on: author_id
+      name: author
       comment: null
-    select_permissions: []
-    event_triggers: []
+    array_relationships: []
     insert_permissions: []
+    select_permissions: []
     update_permissions: []
     delete_permissions: []
-    array_relationships: []
+    event_triggers: []
+  query_templates: []
 
 query:
   type: export_metadata

@@ -182,6 +182,12 @@ def test_anonymous_only_published_articles(self, hge_ctx):
     def test_user_cannot_access_remarks_col(self, hge_ctx):
         check_query_f(hge_ctx, self.dir() + '/user_cannot_access_remarks_col.yaml')
 
+    def test_artist_select_query_Track_fail(self, hge_ctx):
+        check_query_f(hge_ctx, self.dir() + '/artist_select_query_Track_fail.yaml')
+
+    def test_artist_select_query_Track(self, hge_ctx):
+        check_query_f(hge_ctx, self.dir() + '/artist_select_query_Track.yaml')
+
     @classmethod
     def dir(cls):
         return 'queries/graphql_query/permissions'