daddy/backend/config/dev.yml

app_name: "Daddy Dev"
host_port: 0.0.0.0:8080
web_ui: true

# debug, error, warn, info
log_level: debug

# enable or disable http compression (uses gzip)
http_compress: true

# When production mode is 'true' only queries 
# from the allow list are permitted.
# When it's 'false' all queries are saved to the
# the allow list in ./config/allow.list
production: false

# Throw a 401 on auth failure for queries that need auth
auth_fail_block: true

# Latency tracing for database queries and remote joins
# the resulting latency information is returned with the
# response
enable_tracing: true

# Watch the config folder and reload Super Graph
# with the new configs when a change is detected
reload_on_config_change: true

# File that points to the database seeding script
# seed_file: seed.js

# Path pointing to where the migrations can be found
# this must be a relative path under the config path
migrations_path: ./migrations

# Secret key for general encryption operations like 
# encrypting the cursor data
secret_key: supercalifajalistics

# CORS: A list of origins a cross-domain request can be executed from. 
# If the special * value is present in the list, all origins will be allowed. 
# An origin may contain a wildcard (*) to replace 0 or more 
# characters (i.e.: http://*.domain.com).
cors_allowed_origins: ["*"]

# Debug Cross Origin Resource Sharing requests
cors_debug: false

# Postgres related environment Variables
# SG_DATABASE_HOST
# SG_DATABASE_PORT
# SG_DATABASE_USER
# SG_DATABASE_PASSWORD

# Auth related environment Variables
# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE
# SG_AUTH_RAILS_REDIS_URL
# SG_AUTH_RAILS_REDIS_PASSWORD
# SG_AUTH_JWT_PUBLIC_KEY_FILE

# inflections:
#   person: people
#   sheep: sheep

auth:
  # Can be 'rails', 'jwt' or 'header'
  type: jwt
  #cookie: _supergraph_session

  # Comment this out if you want to disable setting
  # the user_id via a header for testing. 
  # Disable in production
  #creds_in_header: false

  jwt:
    provider: hydra
    jwks_url: http://hydra:4444/.well-known/jwks.json

  # header:
  #   name: dnt
  #   exists: true
  #   value: localhost:8080

# You can add additional named auths to use with actions
# In this example actions using this auth can only be
# called from the Google Appengine Cron service that
# sets a special header to all it's requests
# auths:
  # - name: from_taskqueue
  #   type: header
  #   header:
  #     name: X-Appengine-Cron
  #     exists: true

database:
  type: postgres
  host: localhost
  port: 5432
  dbname: daddy
  user: daddy
  password: daddy

  #schema: "public"
  #pool_size: 10
  #max_retries: 0
  log_level: "debug"

  # Set session variable "user.id" to the user id
  # Enable this if you need the user id in triggers, etc
  set_user_id: true

  # database ping timeout is used for db health checking
  ping_timeout: 1m

  # Define additional variables here to be used with filters
  variables:
    # admin_account_id: "5"
    # admin_account_id: "sql:select id from users where admin = true limit 1"


  # Field and table names that you wish to block
  blocklist:
    - ar_internal_metadata
    - schema_migrations
    - secret
    - password
    - encrypted
    - token

# Create custom actions with their own api endpoints
# For example the below action will be available at /api/v1/actions/refresh_leaderboard_users
# A request to this url will execute the configured SQL query
# which in this case refreshes a materialized view in the database.
# The auth_name is from one of the configured auths
actions:
  # - name: refresh_leaderboard_users
  #   sql: REFRESH MATERIALIZED VIEW CONCURRENTLY "leaderboard_users"
  #   auth_name: from_taskqueue

tables:
  # - name: customers
  #   remotes:
  #     - name: payments
  #       id: stripe_id
  #       url: http://rails_app:3000/stripe/$id
  #       path: data
  #       # debug: true
  #       pass_headers: 
  #         - cookie
  #       set_headers:
  #         - name: Host
  #           value: 0.0.0.0
          # - name: Authorization
          #   value: Bearer <stripe_api_key>

  # - # You can create new fields that have a
  #   # real db table backing them
  #   name: me
  #   table: users


roles_query: "select * from users where users.email = $user_id"

roles:
  # Rôle par défaut si l'utilisateur n'existe pas dans la table `users`
  - name: anon
    tables:
      # - name: users
      #   insert:
      #     block: true
      #   query:
      #     block: true
      #   update:
      #     block: true
      #   delete:
      #     block: true

  # Rôle par défaut si l'utilisateur existe dans la table `users`
  # mais que la valeur de la colonne `role` n'est pas définie
  - name: user
    tables:
      - name: users
        insert:
          block: true
        query:
          filters: ["{ email: { _eq: $user_id } }"]
        update:
          columns:
            - full_name
          filters: ["{ email: { _eq: $user_id } }"]
        delete:
          block: true

  - name: admin
    match: role = 'admin'
    tables:
      - name: users
        query:
          filters: []

      # - name: products
      #   query:
      #     limit: 50
      #     filters: ["{ user_id: { eq: $user_id } }"]
      #     disable_functions: false

      #   insert:
      #     filters: ["{ user_id: { eq: $user_id } }"]
      #     presets:
      #       - user_id: "$user_id"
      #       - created_at: "now"
            
      #   update:
      #     filters: ["{ user_id: { eq: $user_id } }"]
      #     presets:
      #       - updated_at: "now"

        # delete:
        #   block: true

  # - name: admin
  #   match: id = 1000
  #   tables:
  #     - name: users
  #       filters: []
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`app_name: "Daddy Dev"`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`host_port: 0.0.0.0:8080`
			`web_ui: true`

			`# debug, error, warn, info`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`log_level: debug`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# enable or disable http compression (uses gzip)`
			`http_compress: true`

			`# When production mode is 'true' only queries`
			`# from the allow list are permitted.`
			`# When it's 'false' all queries are saved to the`
			`# the allow list in ./config/allow.list`
			`production: false`

			`# Throw a 401 on auth failure for queries that need auth`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`auth_fail_block: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# Latency tracing for database queries and remote joins`
			`# the resulting latency information is returned with the`
			`# response`
			`enable_tracing: true`

			`# Watch the config folder and reload Super Graph`
			`# with the new configs when a change is detected`
			`reload_on_config_change: true`

			`# File that points to the database seeding script`
			`# seed_file: seed.js`

			`# Path pointing to where the migrations can be found`
			`# this must be a relative path under the config path`
			`migrations_path: ./migrations`

			`# Secret key for general encryption operations like`
			`# encrypting the cursor data`
			`secret_key: supercalifajalistics`

			`# CORS: A list of origins a cross-domain request can be executed from.`
			`# If the special * value is present in the list, all origins will be allowed.`
			`# An origin may contain a wildcard (*) to replace 0 or more`
			`# characters (i.e.: http://*.domain.com).`
			`cors_allowed_origins: ["*"]`

			`# Debug Cross Origin Resource Sharing requests`
			`cors_debug: false`

			`# Postgres related environment Variables`
			`# SG_DATABASE_HOST`
			`# SG_DATABASE_PORT`
			`# SG_DATABASE_USER`
			`# SG_DATABASE_PASSWORD`

			`# Auth related environment Variables`
			`# SG_AUTH_RAILS_COOKIE_SECRET_KEY_BASE`
			`# SG_AUTH_RAILS_REDIS_URL`
			`# SG_AUTH_RAILS_REDIS_PASSWORD`
			`# SG_AUTH_JWT_PUBLIC_KEY_FILE`

			`# inflections:`
			`# person: people`
			`# sheep: sheep`

			`auth:`
			`# Can be 'rails', 'jwt' or 'header'`
			`type: jwt`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`#cookie: _supergraph_session`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# Comment this out if you want to disable setting`
			`# the user_id via a header for testing.`
			`# Disable in production`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`#creds_in_header: false`
Mise en place du projet 2020-06-15 14:58:59 +02:00
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`jwt:`
			`provider: hydra`
			`jwks_url: http://hydra:4444/.well-known/jwks.json`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# header:`
			`# name: dnt`
			`# exists: true`
			`# value: localhost:8080`

			`# You can add additional named auths to use with actions`
			`# In this example actions using this auth can only be`
			`# called from the Google Appengine Cron service that`
			`# sets a special header to all it's requests`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# auths:`
			`# - name: from_taskqueue`
			`# type: header`
			`# header:`
			`# name: X-Appengine-Cron`
			`# exists: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`database:`
			`type: postgres`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`host: localhost`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`port: 5432`
			`dbname: daddy`
			`user: daddy`
			`password: daddy`

			`#schema: "public"`
			`#pool_size: 10`
			`#max_retries: 0`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`log_level: "debug"`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# Set session variable "user.id" to the user id`
			`# Enable this if you need the user id in triggers, etc`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`set_user_id: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# database ping timeout is used for db health checking`
			`ping_timeout: 1m`

			`# Define additional variables here to be used with filters`
			`variables:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# admin_account_id: "5"`
			`# admin_account_id: "sql:select id from users where admin = true limit 1"`
Mise en place du projet 2020-06-15 14:58:59 +02:00

			`# Field and table names that you wish to block`
			`blocklist:`
			`- ar_internal_metadata`
			`- schema_migrations`
			`- secret`
			`- password`
			`- encrypted`
			`- token`

			`# Create custom actions with their own api endpoints`
			`# For example the below action will be available at /api/v1/actions/refresh_leaderboard_users`
			`# A request to this url will execute the configured SQL query`
			`# which in this case refreshes a materialized view in the database.`
			`# The auth_name is from one of the configured auths`
			`actions:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# - name: refresh_leaderboard_users`
			`# sql: REFRESH MATERIALIZED VIEW CONCURRENTLY "leaderboard_users"`
			`# auth_name: from_taskqueue`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`tables:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# - name: customers`
			`# remotes:`
			`# - name: payments`
			`# id: stripe_id`
			`# url: http://rails_app:3000/stripe/$id`
			`# path: data`
			`# # debug: true`
			`# pass_headers:`
			`# - cookie`
			`# set_headers:`
			`# - name: Host`
			`# value: 0.0.0.0`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`# - name: Authorization`
			`# value: Bearer <stripe_api_key>`

Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# - # You can create new fields that have a`
			`# # real db table backing them`
			`# name: me`
			`# table: users`
Mise en place du projet 2020-06-15 14:58:59 +02:00

Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`roles_query: "select * from users where users.email = $user_id"`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`roles:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			# Rôle par défaut si l'utilisateur n'existe pas dans la table `users`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`- name: anon`
			`tables:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# - name: users`
			`# insert:`
			`# block: true`
			`# query:`
			`# block: true`
			`# update:`
			`# block: true`
			`# delete:`
			`# block: true`

			# Rôle par défaut si l'utilisateur existe dans la table `users`
			# mais que la valeur de la colonne `role` n'est pas définie
Mise en place du projet 2020-06-15 14:58:59 +02:00			`- name: user`
			`tables:`
			`- name: users`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`insert:`
			`block: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`query:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`filters: ["{ email: { _eq: $user_id } }"]`
			`update:`
			`columns:`
			`- full_name`
			`filters: ["{ email: { _eq: $user_id } }"]`
			`delete:`
			`block: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`- name: admin`
			`match: role = 'admin'`
			`tables:`
			`- name: users`
Mise en place du projet 2020-06-15 14:58:59 +02:00			`query:`
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`filters: []`

			`# - name: products`
			`# query:`
			`# limit: 50`
			`# filters: ["{ user_id: { eq: $user_id } }"]`
			`# disable_functions: false`

			`# insert:`
			`# filters: ["{ user_id: { eq: $user_id } }"]`
			`# presets:`
			`# - user_id: "$user_id"`
			`# - created_at: "now"`
Mise en place du projet 2020-06-15 14:58:59 +02:00
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# update:`
			`# filters: ["{ user_id: { eq: $user_id } }"]`
			`# presets:`
			`# - updated_at: "now"`
Mise en place du projet 2020-06-15 14:58:59 +02:00
Configuration basique des rôles en mode 'dev' 2020-06-21 14:22:06 +02:00			`# delete:`
			`# block: true`
Mise en place du projet 2020-06-15 14:58:59 +02:00
			`# - name: admin`
			`# match: id = 1000`
			`# tables:`
			`# - name: users`
			`# filters: []`