Flexible policy manager for Rest and GraphQL routes (!204) · Merge Requests · gargantext / haskell-gargantext

Flexible policy manager for Rest and GraphQL routes

This beefy MR explores an alternative design for access policy management in Gargantext which might supersede the existing withAccess and withAccessM.

It adds a type-level combinator called PolicyChecked, which can be used to embellish any servant route so that we can bring an AccessPolicyManager in scope which can be used to implement policy checking.

We have two new functions called withPolicy and withPolicyT, which both accepts a BoolExpr AccessCheck, which means we can compose policy checks using the similar boolean API mechanism. For example, the following grants access if the input NodeId matches the one of the logged in user, the authenticated user is the master user or if the node is a descendant of the authenticated user:

nodeChecks :: NodeId -> BoolExpr AccessCheck
nodeChecks nid =
  nodeUser nid `BOr` nodeSuper nid `BOr` nodeDescendant nid

I've also added tests to check that we are indeed protecting the endpoints as expected.

N.B. I haven't added this check for all the endpoint, that should follow in future MRs. However, I have left in place the old withAccess, which might be eventually superseded.

Fixes #259.

This beefy MR explores an alternative design for access policy management in Gargantext which might supersede the existing `withAccess` and `withAccessM`.

It adds a type-level combinator called `PolicyChecked`, which can be used to embellish any servant route so that we can bring an `AccessPolicyManager` in scope which can be used to implement policy checking.

We have two new functions called `withPolicy` and `withPolicyT`, which both accepts a `BoolExpr AccessCheck`, which means we can compose policy checks using the similar boolean API mechanism. For example, the following grants access if the input `NodeId` matches the one of the logged in user, the authenticated user is the master user or if the node is a descendant of the authenticated user:

```hs
nodeChecks :: NodeId -> BoolExpr AccessCheck
nodeChecks nid =
  nodeUser nid `BOr` nodeSuper nid `BOr` nodeDescendant nid
```

I've also added tests to check that we are indeed protecting the endpoints as expected.

**N.B.** I haven't added this check for _all_ the endpoint, that should follow in future MRs. However, I have left in place the old `withAccess`, which might be eventually superseded.

Edited Oct 02, 2023 by Alfredo Di Napoli

Flexible policy manager for Rest and GraphQL routes

Check out, review, and merge locally

Revert this commit

Cherry-pick this commit