super-graph/serv/config.go

package serv

import (
	"fmt"
	"os"
	"regexp"
	"strings"
	"time"
	"unicode"

	"github.com/gobuffalo/flect"
	"github.com/spf13/viper"
)

type config struct {
	*viper.Viper

	AppName        string `mapstructure:"app_name"`
	Env            string
	HostPort       string `mapstructure:"host_port"`
	Host           string
	Port           string
	WebUI          bool   `mapstructure:"web_ui"`
	LogLevel       string `mapstructure:"log_level"`
	EnableTracing  bool   `mapstructure:"enable_tracing"`
	UseAllowList   bool   `mapstructure:"use_allow_list"`
	Production     bool
	WatchAndReload bool   `mapstructure:"reload_on_config_change"`
	AuthFailBlock  bool   `mapstructure:"auth_fail_block"`
	SeedFile       string `mapstructure:"seed_file"`
	MigrationsPath string `mapstructure:"migrations_path"`

	Inflections map[string]string

	Auth struct {
		Type          string
		Cookie        string
		CredsInHeader bool `mapstructure:"creds_in_header"`

		Rails struct {
			Version       string
			SecretKeyBase string `mapstructure:"secret_key_base"`
			URL           string
			Password      string
			MaxIdle       int `mapstructure:"max_idle"`
			MaxActive     int `mapstructure:"max_active"`
			Salt          string
			SignSalt      string `mapstructure:"sign_salt"`
			AuthSalt      string `mapstructure:"auth_salt"`
		}

		JWT struct {
			Provider   string
			Secret     string
			PubKeyFile string `mapstructure:"public_key_file"`
			PubKeyType string `mapstructure:"public_key_type"`
		}
	}

	DB struct {
		Type        string
		Host        string
		Port        uint16
		DBName      string
		User        string
		Password    string
		Schema      string
		PoolSize    int32         `mapstructure:"pool_size"`
		MaxRetries  int           `mapstructure:"max_retries"`
		SetUserID   bool          `mapstructure:"set_user_id"`
		PingTimeout time.Duration `mapstructure:"ping_timeout"`

		Vars      map[string]string `mapstructure:"variables"`
		Blocklist []string

		Tables []configTable
	} `mapstructure:"database"`

	Tables []configTable

	RolesQuery string `mapstructure:"roles_query"`
	Roles      []configRole
	roles      map[string]*configRole
}

type configColumn struct {
	Name       string
	ForeignKey string `mapstructure:"related_to"`
}

type configTable struct {
	Name      string
	Table     string
	Blocklist []string
	Remotes   []configRemote
	Columns   []configColumn
}

type configRemote struct {
	Name        string
	ID          string
	Path        string
	URL         string
	Debug       bool
	PassHeaders []string `mapstructure:"pass_headers"`
	SetHeaders  []struct {
		Name  string
		Value string
	} `mapstructure:"set_headers"`
}

type configQuery struct {
	Limit            int
	Filters          []string
	Columns          []string
	DisableFunctions bool `mapstructure:"disable_functions"`
	Block            bool
}

type configInsert struct {
	Filters []string
	Columns []string
	Presets map[string]string
	Block   bool
}

type configUpdate struct {
	Filters []string
	Columns []string
	Presets map[string]string
	Block   bool
}

type configDelete struct {
	Filters []string
	Columns []string
	Block   bool
}

type configRoleTable struct {
	Name string

	Query  configQuery
	Insert configInsert
	Update configUpdate
	Delete configDelete
}

type configRole struct {
	Name      string
	Match     string
	Tables    []configRoleTable
	tablesMap map[string]*configRoleTable
}

func newConfig(name string) *viper.Viper {
	vi := viper.New()

	vi.SetEnvPrefix("SG")
	vi.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
	vi.AutomaticEnv()

	vi.SetConfigName(name)
	vi.AddConfigPath(confPath)
	vi.AddConfigPath("./config")

	if dir, _ := os.Getwd(); strings.HasSuffix(dir, "/serv") {
		vi.AddConfigPath("../config")
	}

	vi.SetDefault("host_port", "0.0.0.0:8080")
	vi.SetDefault("web_ui", false)
	vi.SetDefault("enable_tracing", false)
	vi.SetDefault("auth_fail_block", "always")
	vi.SetDefault("seed_file", "seed.js")

	vi.SetDefault("database.type", "postgres")
	vi.SetDefault("database.host", "localhost")
	vi.SetDefault("database.port", 5432)
	vi.SetDefault("database.user", "postgres")
	vi.SetDefault("database.schema", "public")

	vi.SetDefault("env", "development")

	vi.BindEnv("env", "GO_ENV") //nolint: errcheck
	vi.BindEnv("HOST", "HOST")  //nolint: errcheck
	vi.BindEnv("PORT", "PORT")  //nolint: errcheck

	vi.SetDefault("auth.rails.max_idle", 80)
	vi.SetDefault("auth.rails.max_active", 12000)

	return vi
}

func (c *config) Init(vi *viper.Viper) error {
	if err := vi.Unmarshal(c); err != nil {
		return fmt.Errorf("unable to decode config, %v", err)
	}
	c.Viper = vi

	if len(c.Tables) == 0 {
		c.Tables = c.DB.Tables
	}

	if c.UseAllowList {
		c.Production = true
	}

	for k, v := range c.Inflections {
		flect.AddPlural(k, v)
	}

	for i := range c.Tables {
		t := c.Tables[i]
		t.Name = flect.Pluralize(strings.ToLower(t.Name))
		t.Table = flect.Pluralize(strings.ToLower(t.Table))
	}

	for i := range c.Roles {
		r := c.Roles[i]
		r.Name = strings.ToLower(r.Name)
	}

	for k, v := range c.DB.Vars {
		c.DB.Vars[k] = sanitize(v)
	}

	c.RolesQuery = sanitize(c.RolesQuery)
	c.roles = make(map[string]*configRole)

	for i := range c.Roles {
		role := &c.Roles[i]

		if _, ok := c.roles[role.Name]; ok {
			errlog.Fatal().Msgf("duplicate role '%s' found", role.Name)
		}

		role.Name = strings.ToLower(role.Name)
		role.Match = sanitize(role.Match)
		role.tablesMap = make(map[string]*configRoleTable)

		for n, table := range role.Tables {
			role.tablesMap[table.Name] = &role.Tables[n]
		}

		c.roles[role.Name] = role
	}

	if _, ok := c.roles["user"]; !ok {
		u := configRole{Name: "user"}
		c.Roles = append(c.Roles, u)
		c.roles["user"] = &u
	}

	if _, ok := c.roles["anon"]; !ok {
		logger.Warn().Msg("unauthenticated requests will be blocked. no role 'anon' defined")
		c.AuthFailBlock = true
	}

	c.validate()

	return nil
}

func (c *config) validate() {
	rm := make(map[string]struct{})

	for i := range c.Roles {
		name := c.Roles[i].Name

		if _, ok := rm[name]; ok {
			errlog.Fatal().Msgf("duplicate config for role '%s'", c.Roles[i].Name)
		}
		rm[name] = struct{}{}
	}

	tm := make(map[string]struct{})

	for i := range c.Tables {
		name := c.Tables[i].Name

		if _, ok := tm[name]; ok {
			errlog.Fatal().Msgf("duplicate config for table '%s'", c.Tables[i].Name)
		}
		tm[name] = struct{}{}
	}

	if len(c.RolesQuery) == 0 {
		logger.Warn().Msgf("no 'roles_query' defined.")
	}
}

func (c *config) getAliasMap() map[string][]string {
	m := make(map[string][]string, len(c.Tables))

	for i := range c.Tables {
		t := c.Tables[i]

		if len(t.Table) == 0 {
			continue
		}

		m[t.Table] = append(m[t.Table], t.Name)
	}
	return m
}

func (c *config) isABCLEnabled() bool {
	if len(c.RolesQuery) == 0 {
		return false
	}

	switch len(c.Roles) {
	case 0, 1:
		return false
	case 2:
		_, ok1 := c.roles["anon"]
		_, ok2 := c.roles["user"]
		return !(ok1 && ok2)
	}

	return true
}

func (c *config) isAnonRoleDefined() bool {
	_, ok := c.roles["anon"]
	return ok
}

var varRe1 = regexp.MustCompile(`(?mi)\$([a-zA-Z0-9_.]+)`)
var varRe2 = regexp.MustCompile(`\{\{([a-zA-Z0-9_.]+)\}\}`)

func sanitize(s string) string {
	s0 := varRe1.ReplaceAllString(s, `{{$1}}`)

	s1 := strings.Map(func(r rune) rune {
		if unicode.IsSpace(r) {
			return ' '
		}
		return r
	}, s0)

	return varRe2.ReplaceAllStringFunc(s1, func(m string) string {
		return strings.ToLower(m)
	})
}
Add REST API stitching 2019-05-13 01:27:26 +02:00			`package serv`

Add validation for remote JSON 2019-06-04 16:54:51 +02:00			`import (`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`"fmt"`
			`"os"`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			`"regexp"`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00			`"strings"`
#19 Health check (#24) * Add health check endpoint (#19) * Add healthy response (#19) 2019-12-09 07:59:30 +01:00			`"time"`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			`"unicode"`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`"github.com/gobuffalo/flect"`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`"github.com/spf13/viper"`
Add validation for remote JSON 2019-06-04 16:54:51 +02:00			`)`

Add REST API stitching 2019-05-13 01:27:26 +02:00			`type config struct {`
Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`*viper.Viper`

Watch and reload on config changes 2019-09-08 20:56:32 +02:00			AppName string `mapstructure:"app_name"`
			`Env string`
			HostPort string `mapstructure:"host_port"`
			`Host string`
			`Port string`
			WebUI bool `mapstructure:"web_ui"`
			LogLevel string `mapstructure:"log_level"`
			EnableTracing bool `mapstructure:"enable_tracing"`
			UseAllowList bool `mapstructure:"use_allow_list"`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`Production bool`
Watch and reload on config changes 2019-09-08 20:56:32 +02:00			WatchAndReload bool `mapstructure:"reload_on_config_change"`
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			AuthFailBlock bool `mapstructure:"auth_fail_block"`
Add database seeding capability 2019-09-20 06:19:11 +02:00			SeedFile string `mapstructure:"seed_file"`
Add migrate command 2019-09-26 06:35:31 +02:00			MigrationsPath string `mapstructure:"migrations_path"`

			`Inflections map[string]string`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`Auth struct {`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			`Type string`
			`Cookie string`
			CredsInHeader bool `mapstructure:"creds_in_header"`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`Rails struct {`
			`Version string`
			SecretKeyBase string `mapstructure:"secret_key_base"`
			`URL string`
			`Password string`
			MaxIdle int `mapstructure:"max_idle"`
			MaxActive int `mapstructure:"max_active"`
			`Salt string`
			SignSalt string `mapstructure:"sign_salt"`
			AuthSalt string `mapstructure:"auth_salt"`
			`}`

			`JWT struct {`
			`Provider string`
			`Secret string`
			PubKeyFile string `mapstructure:"public_key_file"`
			PubKeyType string `mapstructure:"public_key_type"`
			`}`
			`}`

			`DB struct {`
#19 Health check (#24) * Add health check endpoint (#19) * Add healthy response (#19) 2019-12-09 07:59:30 +01:00			`Type string`
			`Host string`
			`Port uint16`
			`DBName string`
			`User string`
			`Password string`
			`Schema string`
			PoolSize int32 `mapstructure:"pool_size"`
			MaxRetries int `mapstructure:"max_retries"`
			SetUserID bool `mapstructure:"set_user_id"`
			PingTimeout time.Duration `mapstructure:"ping_timeout"`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			Vars map[string]string `mapstructure:"variables"`
			`Blocklist []string`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`Tables []configTable`
			} `mapstructure:"database"`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00
			`Tables []configTable`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00
			RolesQuery string `mapstructure:"roles_query"`
			`Roles []configRole`
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`roles map[string]*configRole`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`

Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`type configColumn struct {`
			`Name string`
			ForeignKey string `mapstructure:"related_to"`
			`}`

Add REST API stitching 2019-05-13 01:27:26 +02:00			`type configTable struct {`
Add role based access control 2019-10-14 08:51:36 +02:00			`Name string`
			`Table string`
			`Blocklist []string`
			`Remotes []configRemote`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`Columns []configColumn`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`

			`type configRemote struct {`
			`Name string`
			`ID string`
			`Path string`
			`URL string`
Add request / response debugging for remote joins 2019-06-06 14:57:00 +02:00			`Debug bool`
Add REST API stitching 2019-05-13 01:27:26 +02:00			PassHeaders []string `mapstructure:"pass_headers"`
			`SetHeaders []struct {`
			`Name string`
			`Value string`
			} `mapstructure:"set_headers"`
			`}`

Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configQuery struct {`
			`Limit int`
			`Filters []string`
			`Columns []string`
			DisableFunctions bool `mapstructure:"disable_functions"`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configInsert struct {`
			`Filters []string`
			`Columns []string`
			`Presets map[string]string`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configUpdate struct {`
			`Filters []string`
			`Columns []string`
			`Presets map[string]string`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configDelete struct {`
			`Filters []string`
			`Columns []string`
			`Block bool`
			`}`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configRoleTable struct {`
			`Name string`

			`Query configQuery`
			`Insert configInsert`
			`Update configUpdate`
			`Delete configDelete`
Add role based access control 2019-10-14 08:51:36 +02:00			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`type configRole struct {`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`Name string`
			`Match string`
			`Tables []configRoleTable`
			`tablesMap map[string]*configRoleTable`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`func newConfig(name string) *viper.Viper {`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi := viper.New()`

			`vi.SetEnvPrefix("SG")`
			`vi.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))`
			`vi.AutomaticEnv()`

Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`vi.SetConfigName(name)`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi.AddConfigPath(confPath)`
			`vi.AddConfigPath("./config")`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`if dir, _ := os.Getwd(); strings.HasSuffix(dir, "/serv") {`
			`vi.AddConfigPath("../config")`
			`}`

Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi.SetDefault("host_port", "0.0.0.0:8080")`
			`vi.SetDefault("web_ui", false)`
			`vi.SetDefault("enable_tracing", false)`
			`vi.SetDefault("auth_fail_block", "always")`
			`vi.SetDefault("seed_file", "seed.js")`

			`vi.SetDefault("database.type", "postgres")`
			`vi.SetDefault("database.host", "localhost")`
			`vi.SetDefault("database.port", 5432)`
			`vi.SetDefault("database.user", "postgres")`
			`vi.SetDefault("database.schema", "public")`

			`vi.SetDefault("env", "development")`
Move license from MIT to Apache 2.0. Add Makefile 2019-11-28 07:25:46 +01:00
			`vi.BindEnv("env", "GO_ENV") //nolint: errcheck`
			`vi.BindEnv("HOST", "HOST") //nolint: errcheck`
			`vi.BindEnv("PORT", "PORT") //nolint: errcheck`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00
			`vi.SetDefault("auth.rails.max_idle", 80)`
			`vi.SetDefault("auth.rails.max_active", 12000)`

			`return vi`
			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`func (c config) Init(vi viper.Viper) error {`
			`if err := vi.Unmarshal(c); err != nil {`
			`return fmt.Errorf("unable to decode config, %v", err)`
			`}`
			`c.Viper = vi`

			`if len(c.Tables) == 0 {`
			`c.Tables = c.DB.Tables`
			`}`

Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`if c.UseAllowList {`
			`c.Production = true`
			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`for k, v := range c.Inflections {`
			`flect.AddPlural(k, v)`
			`}`

			`for i := range c.Tables {`
			`t := c.Tables[i]`
			`t.Name = flect.Pluralize(strings.ToLower(t.Name))`
			`t.Table = flect.Pluralize(strings.ToLower(t.Table))`
			`}`

			`for i := range c.Roles {`
			`r := c.Roles[i]`
			`r.Name = strings.ToLower(r.Name)`
			`}`

			`for k, v := range c.DB.Vars {`
			`c.DB.Vars[k] = sanitize(v)`
			`}`

			`c.RolesQuery = sanitize(c.RolesQuery)`
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`c.roles = make(map[string]*configRole)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
			`for i := range c.Roles {`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`role := &c.Roles[i]`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles[role.Name]; ok {`
			`errlog.Fatal().Msgf("duplicate role '%s' found", role.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`role.Name = strings.ToLower(role.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`role.Match = sanitize(role.Match)`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`role.tablesMap = make(map[string]*configRoleTable)`

			`for n, table := range role.Tables {`
			`role.tablesMap[table.Name] = &role.Tables[n]`
			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`c.roles[role.Name] = role`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles["user"]; !ok {`
			`u := configRole{Name: "user"}`
			`c.Roles = append(c.Roles, u)`
			`c.roles["user"] = &u`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles["anon"]; !ok {`
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`logger.Warn().Msg("unauthenticated requests will be blocked. no role 'anon' defined")`
			`c.AuthFailBlock = true`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

			`c.validate()`

			`return nil`
			`}`

			`func (c *config) validate() {`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`rm := make(map[string]struct{})`

			`for i := range c.Roles {`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`name := c.Roles[i].Name`

Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`if _, ok := rm[name]; ok {`
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`errlog.Fatal().Msgf("duplicate config for role '%s'", c.Roles[i].Name)`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`}`
			`rm[name] = struct{}{}`
			`}`

			`tm := make(map[string]struct{})`

			`for i := range c.Tables {`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`name := c.Tables[i].Name`

Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`if _, ok := tm[name]; ok {`
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`errlog.Fatal().Msgf("duplicate config for table '%s'", c.Tables[i].Name)`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`}`
			`tm[name] = struct{}{}`
			`}`

			`if len(c.RolesQuery) == 0 {`
			`logger.Warn().Msgf("no 'roles_query' defined.")`
			`}`
			`}`

Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00			`func (c *config) getAliasMap() map[string][]string {`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`m := make(map[string][]string, len(c.Tables))`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`for i := range c.Tables {`
			`t := c.Tables[i]`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`if len(t.Table) == 0 {`
			`continue`
			`}`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`m[t.Table] = append(m[t.Table], t.Name)`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`
			`return m`
			`}`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`func (c *config) isABCLEnabled() bool {`
			`if len(c.RolesQuery) == 0 {`
			`return false`
			`}`

			`switch len(c.Roles) {`
			`case 0, 1:`
			`return false`
			`case 2:`
			`_, ok1 := c.roles["anon"]`
			`_, ok2 := c.roles["user"]`
			`return !(ok1 && ok2)`
			`}`

			`return true`
			`}`

			`func (c *config) isAnonRoleDefined() bool {`
			`_, ok := c.roles["anon"]`
			`return ok`
			`}`

Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			var varRe1 = regexp.MustCompile(`(?mi)\$([a-zA-Z0-9_.]+)`)
			var varRe2 = regexp.MustCompile(`\{\{([a-zA-Z0-9_.]+)\}\}`)

			`func sanitize(s string) string {`
			s0 := varRe1.ReplaceAllString(s, `{{$1}}`)

			`s1 := strings.Map(func(r rune) rune {`
			`if unicode.IsSpace(r) {`
			`return ' '`
			`}`
			`return r`
			`}, s0)`

			`return varRe2.ReplaceAllStringFunc(s1, func(m string) string {`
			`return strings.ToLower(m)`
			`})`
			`}`