Skip to content

haskell-gargantext
haskell-gargantext
Commit b59a7d9c authored by Alfredo Di Napoli's avatar Alfredo Di Napoli
Browse files
Options

Add nodeWriteChecks to some GQL mutators

parent 48bab856
Pipeline #6958 passed with stages
          in 33 minutes and 12 seconds
          Hide whitespace changes
          Inline Side-by-side
          Showing with 20 additions and 11 deletions
          gargantext.cabal
          View file @ b59a7d9c
          ...@@ -544,6 +544,7 @@ library ...@@ -544,6 +544,7 @@ library
          , monad-control ^>= 1.0.3.1 , monad-control ^>= 1.0.3.1
          , monad-logger ^>= 0.3.36 , monad-logger ^>= 0.3.36
          , morpheus-graphql >= 0.24.3 && < 0.25 , morpheus-graphql >= 0.24.3 && < 0.25
          , morpheus-graphql-app >= 0.24.3 && < 0.25
          , morpheus-graphql-server >= 0.24.3 && < 0.25 , morpheus-graphql-server >= 0.24.3 && < 0.25
          , morpheus-graphql-subscriptions >= 0.24.3 && < 0.25 , morpheus-graphql-subscriptions >= 0.24.3 && < 0.25
          , mtl ^>= 2.2.2 , mtl ^>= 2.2.2
          ......
          src/Gargantext/API/GraphQL.hs
          View file @ b59a7d9c
          ...@@ -129,7 +129,7 @@ rootResolver authenticatedUser policyManager = ...@@ -129,7 +129,7 @@ rootResolver authenticatedUser policyManager =
          , update_user_epo_api_user = GQLUser.updateUserEPOAPIUser , update_user_epo_api_user = GQLUser.updateUserEPOAPIUser
          , update_user_epo_api_token = GQLUser.updateUserEPOAPIToken , update_user_epo_api_token = GQLUser.updateUserEPOAPIToken
          , delete_team_membership = GQLTeam.deleteTeamMembership , delete_team_membership = GQLTeam.deleteTeamMembership
          , update_node_context_category = GQLCTX.updateNodeContextCategory } , update_node_context_category = GQLCTX.updateNodeContextCategory authenticatedUser policyManager }
          } }
          -- | Main GraphQL "app". -- | Main GraphQL "app".
          ......
          src/Gargantext/API/GraphQL/Context.hs
          View file @ b59a7d9c
          ...@@ -23,9 +23,12 @@ import Data.Morpheus.Types ...@@ -23,9 +23,12 @@ import Data.Morpheus.Types
          , QUERY , QUERY
          ) )
          import Data.Text (pack, unpack) import Data.Text (pack, unpack)
          import qualified Data.Text as Text import Data.Text qualified as Text
          import Data.Time.Format.ISO8601 (iso8601Show) import Data.Time.Format.ISO8601 (iso8601Show)
          import Gargantext.API.Admin.Auth.Types ( AuthenticatedUser )
          import Gargantext.API.Auth.PolicyCheck ( nodeWriteChecks, AccessPolicyManager )
          import Gargantext.API.Errors.Types ( BackendInternalError ) import Gargantext.API.Errors.Types ( BackendInternalError )
          import Gargantext.API.GraphQL.PolicyCheck (withPolicy)
          import Gargantext.API.Prelude (GargM) import Gargantext.API.Prelude (GargM)
          import Gargantext.Core.Types.Search (HyperdataRow(..), toHyperdataRow) import Gargantext.Core.Types.Search (HyperdataRow(..), toHyperdataRow)
          import Gargantext.Database.Admin.Types.Hyperdata.Document ( HyperdataDocument ) import Gargantext.Database.Admin.Types.Hyperdata.Document ( HyperdataDocument )
          ...@@ -219,8 +222,11 @@ toHyperdataRowDocumentGQL hyperdata = ...@@ -219,8 +222,11 @@ toHyperdataRowDocumentGQL hyperdata =
          HyperdataRowContact { } -> Nothing HyperdataRowContact { } -> Nothing
          updateNodeContextCategory :: (CmdCommon env) updateNodeContextCategory :: (CmdCommon env)
          => NodeContextCategoryMArgs -> GqlM' e env [Int] => AuthenticatedUser
          updateNodeContextCategory NodeContextCategoryMArgs { context_id, node_id, category } = do -> AccessPolicyManager
          _ <- lift $ DNC.updateNodeContextCategory (UnsafeMkContextId context_id) (UnsafeMkNodeId node_id) category -> NodeContextCategoryMArgs
          -> GqlM' e env [Int]
          pure [1] updateNodeContextCategory autUser mgr NodeContextCategoryMArgs { context_id, node_id, category } =
          withPolicy autUser mgr (nodeWriteChecks $ UnsafeMkNodeId node_id) $ do
          void $ lift $ DNC.updateNodeContextCategory (UnsafeMkContextId context_id) (UnsafeMkNodeId node_id) category
          pure [1]
          src/Gargantext/API/GraphQL/PolicyCheck.hs
          View file @ b59a7d9c
          ...@@ -7,16 +7,18 @@ import Control.Monad.Except (MonadError(..), MonadTrans(..)) ...@@ -7,16 +7,18 @@ import Control.Monad.Except (MonadError(..), MonadTrans(..))
          import Gargantext.API.Admin.Auth.Types ( AuthenticatedUser ) import Gargantext.API.Admin.Auth.Types ( AuthenticatedUser )
          import Gargantext.API.Auth.PolicyCheck ( BoolExpr, AccessCheck, AccessPolicyManager(..), AccessResult(..)) import Gargantext.API.Auth.PolicyCheck ( BoolExpr, AccessCheck, AccessPolicyManager(..), AccessResult(..))
          import Gargantext.API.Errors.Types ( BackendInternalError(..) ) import Gargantext.API.Errors.Types ( BackendInternalError(..) )
          import Gargantext.API.GraphQL.Types (GqlM)
          import Gargantext.Core.Config (HasConfig) import Gargantext.Core.Config (HasConfig)
          import Gargantext.Database.Prelude (HasConnectionPool) import Gargantext.Database.Prelude (HasConnectionPool)
          import Data.Morpheus.Types (ResolverO)
          import Data.Morpheus.App.Internal.Resolving (LiftOperation)
          import Gargantext.API.Prelude (GargM)
          withPolicy :: (HasConnectionPool env, HasConfig env) withPolicy :: (HasConnectionPool env, HasConfig env, LiftOperation op)
          => AuthenticatedUser => AuthenticatedUser
          -> AccessPolicyManager -> AccessPolicyManager
          -> BoolExpr AccessCheck -> BoolExpr AccessCheck
          -> GqlM e env a -> ResolverO op e (GargM env BackendInternalError) a
          -> GqlM e env a -> ResolverO op e (GargM env BackendInternalError) a
          withPolicy ur mgr checks m = case mgr of withPolicy ur mgr checks m = case mgr of
          AccessPolicyManager{runAccessPolicy} -> do AccessPolicyManager{runAccessPolicy} -> do
          res <- lift $ runAccessPolicy ur checks res <- lift $ runAccessPolicy ur checks
          ......
          Markdown is supported
          0% or
          You are about to add 0 people to the discussion. Proceed with caution.
          Finish editing this message first!
          Please register or to comment