File: rule.go

package info (click to toggle)
golang-github-facebook-ent 0.5.4-3
  • links: PTS, VCS
  • area: main
  • in suites: bookworm
  • size: 14,284 kB
  • sloc: javascript: 349; makefile: 8
file content (198 lines) | stat: -rw-r--r-- 6,463 bytes parent folder | download | duplicates (2) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
 
// Copyright 2019-present Facebook Inc. All rights reserved.
// This source code is licensed under the Apache 2.0 license found
// in the LICENSE file in the root directory of this source tree.

package rule

import (
	"context"
	"fmt"
	"sync"

	"github.com/facebook/ent/entc/integration/privacy/ent"
	"github.com/facebook/ent/entc/integration/privacy/ent/hook"
	"github.com/facebook/ent/entc/integration/privacy/ent/predicate"
	"github.com/facebook/ent/entc/integration/privacy/ent/privacy"
	"github.com/facebook/ent/entc/integration/privacy/ent/task"
	"github.com/facebook/ent/entc/integration/privacy/ent/team"
	"github.com/facebook/ent/entc/integration/privacy/ent/user"
	"github.com/facebook/ent/entc/integration/privacy/viewer"
)

// DenyUpdateRule is a mutation rule that denies the update-many operation.
func DenyUpdateRule() privacy.MutationRule {
	return privacy.DenyMutationOperationRule(ent.OpUpdate)
}

// DenyIfNoViewer is a rule that returns deny decision if the viewer is missing in the context.
func DenyIfNoViewer() privacy.QueryMutationRule {
	return privacy.ContextQueryMutationRule(func(ctx context.Context) error {
		view := viewer.FromContext(ctx)
		if view == nil {
			return privacy.Denyf("viewer-context is missing")
		}
		return privacy.Skip
	})
}

// DenyIfNotAdmin is a rule that returns deny decision if the viewer not admin.
func DenyIfNotAdmin() privacy.QueryMutationRule {
	return privacy.ContextQueryMutationRule(func(ctx context.Context) error {
		view := viewer.FromContext(ctx)
		if !view.Admin() {
			return privacy.Denyf("viewer-context is not admin")
		}
		return privacy.Skip
	})
}

// AllowIfAdmin is a rule that returns allow decision if the viewer is admin.
func AllowIfAdmin() privacy.QueryMutationRule {
	return privacy.ContextQueryMutationRule(func(ctx context.Context) error {
		view := viewer.FromContext(ctx)
		if view.Admin() {
			return privacy.Allow
		}
		return privacy.Skip
	})
}

// AllowUserCreateIfAdmin is a rule that allows user creation only if the viewer is admin.
func AllowUserCreateIfAdmin() privacy.MutationRule {
	rule := privacy.UserMutationRuleFunc(func(ctx context.Context, _ *ent.UserMutation) error {
		view := viewer.FromContext(ctx)
		if view.Admin() {
			return privacy.Allow
		}
		// Skip to the next privacy rule, that may accept or reject this operation.
		return privacy.Skip
	})
	return privacy.OnMutationOperation(rule, ent.OpCreate)
}

// AllowTaskCreateIfOwner is a rule that allows creating task only if the creator is also the user.
func AllowTaskCreateIfOwner() privacy.MutationRule {
	rule := privacy.TaskMutationRuleFunc(func(ctx context.Context, m *ent.TaskMutation) error {
		view, ok := viewer.FromContext(ctx).(*viewer.UserViewer)
		if !ok {
			return privacy.Skip
		}
		id, exists := m.OwnerID()
		if exists && view.User.ID == id {
			return privacy.Allow
		}
		// Skip to the next privacy rule, that may accept or reject this operation.
		return privacy.Skip
	})
	return privacy.OnMutationOperation(rule, ent.OpCreate)
}

// FilterTeamRule is a query rule that filters out tasks and users that are not in the team.
func FilterTeamRule() privacy.QueryRule {
	type TeamsFilter interface {
		WhereHasTeamsWith(...predicate.Team)
	}
	return privacy.FilterFunc(func(ctx context.Context, f privacy.Filter) error {
		view := viewer.FromContext(ctx)
		teams, err := view.Teams(ctx)
		if err != nil {
			return privacy.Denyf("getting team names: %w", err)
		}
		tf, ok := f.(TeamsFilter)
		if !ok {
			return privacy.Denyf("unexpected filter type %T", f)
		}
		tf.WhereHasTeamsWith(team.NameIn(teams...))
		return privacy.Skip
	})
}

// DenyIfStatusChangedByOther is a mutation rule that returns a deny decision if the
// task status was changed by someone that is not the owner of the task, or an admin.
func DenyIfStatusChangedByOther() privacy.MutationRule {
	policy := privacy.TaskMutationRuleFunc(func(ctx context.Context, m *ent.TaskMutation) error {
		// Skip if the mutation does not change the task status.
		if _, exists := m.Status(); !exists {
			return privacy.Skip
		}
		view, ok := viewer.FromContext(ctx).(*viewer.UserViewer)
		// Skip if the the viewer is an admin (or an app).
		if !ok || view.Admin() {
			return privacy.Skip
		}
		id, ok := m.ID()
		if !ok {
			return fmt.Errorf("missing task id")
		}
		owner, err := m.Client().User.Query().Where(user.HasTasksWith(task.ID(id))).Only(ctx)
		if err != nil {
			return err
		}
		// Deny the mutation, if the viewer is not the owner.
		if owner.ID != view.User.ID {
			return privacy.Denyf("viewer %d is not allowed to change the task status", view.User.ID)
		}
		return privacy.Skip
	})
	return privacy.OnMutationOperation(policy, ent.OpUpdateOne)
}

// AllowIfViewerInTheSameTeam returns allow decision if viewer on the same team as the task.
func AllowIfViewerInTheSameTeam() privacy.MutationRule {
	policy := privacy.TaskMutationRuleFunc(func(ctx context.Context, m *ent.TaskMutation) error {
		view, ok := viewer.FromContext(ctx).(*viewer.UserViewer)
		// Skip if the the viewer is an admin (or an app).
		if !ok || view.Admin() {
			return privacy.Skip
		}
		teams, err := view.Teams(ctx)
		if err != nil {
			return privacy.Denyf("getting team names: %w", err)
		}
		id, ok := m.ID()
		if !ok {
			return fmt.Errorf("missing task id")
		}
		// Query should return an error if the viewer
		// does not belong to the task namespace/team.
		if _, err = m.Client().Task.Query().
			Where(
				task.ID(id),
				task.HasTeamsWith(team.NameIn(teams...)),
			).
			Only(ctx); err != nil {
			return err
		}
		return privacy.Allow
	})
	return privacy.OnMutationOperation(policy, ent.OpUpdateOne)
}

var logger = struct {
	logf func(string, ...interface{})
	sync.RWMutex
}{
	logf: func(string, ...interface{}) {},
}

// SetMutationLogFunc overrides the logging function used by LogPlanetMutationHook.
func SetMutationLogFunc(f func(string, ...interface{})) func(string, ...interface{}) {
	logger.Lock()
	defer logger.Unlock()
	logf := logger.logf
	logger.logf = f
	return logf
}

// LogPlanetMutationHook returns a hook logging planet mutations.
func LogTaskMutationHook() ent.Hook {
	return func(next ent.Mutator) ent.Mutator {
		return hook.TaskFunc(func(ctx context.Context, m *ent.TaskMutation) (ent.Value, error) {
			value, err := next.Mutate(ctx, m)
			logger.RLock()
			defer logger.RUnlock()
			logger.logf("task mutation: type %s, value %v, err %v", m.Op(), value, err)
			return value, err
		})
	}
}