super-graph/serv/config.go

package serv

import (
	"fmt"
	"os"
	"regexp"
	"strings"
	"time"
	"unicode"

	"github.com/gobuffalo/flect"
	"github.com/spf13/viper"
)

type config struct {
	*viper.Viper

	AppName        string `mapstructure:"app_name"`
	Env            string
	HostPort       string `mapstructure:"host_port"`
	Host           string
	Port           string
	HTTPGZip       bool   `mapstructure:"http_compress"`
	WebUI          bool   `mapstructure:"web_ui"`
	LogLevel       string `mapstructure:"log_level"`
	EnableTracing  bool   `mapstructure:"enable_tracing"`
	UseAllowList   bool   `mapstructure:"use_allow_list"`
	Production     bool
	WatchAndReload bool   `mapstructure:"reload_on_config_change"`
	AuthFailBlock  bool   `mapstructure:"auth_fail_block"`
	SeedFile       string `mapstructure:"seed_file"`
	MigrationsPath string `mapstructure:"migrations_path"`
	SecretKey      string `mapstructure:"secret_key"`

	Inflections map[string]string

	Auth  configAuth
	Auths []configAuth

	DB struct {
		Type        string
		Host        string
		Port        uint16
		DBName      string
		User        string
		Password    string
		Schema      string
		PoolSize    int32         `mapstructure:"pool_size"`
		MaxRetries  int           `mapstructure:"max_retries"`
		SetUserID   bool          `mapstructure:"set_user_id"`
		PingTimeout time.Duration `mapstructure:"ping_timeout"`

		Vars      map[string]string `mapstructure:"variables"`
		Blocklist []string

		Tables []configTable
	} `mapstructure:"database"`

	Actions []configAction

	Tables []configTable

	RolesQuery  string `mapstructure:"roles_query"`
	Roles       []configRole
	roles       map[string]*configRole
	abacEnabled bool
}

type configAuth struct {
	Name          string
	Type          string
	Cookie        string
	CredsInHeader bool `mapstructure:"creds_in_header"`

	Rails struct {
		Version       string
		SecretKeyBase string `mapstructure:"secret_key_base"`
		URL           string
		Password      string
		MaxIdle       int `mapstructure:"max_idle"`
		MaxActive     int `mapstructure:"max_active"`
		Salt          string
		SignSalt      string `mapstructure:"sign_salt"`
		AuthSalt      string `mapstructure:"auth_salt"`
	}

	JWT struct {
		Provider   string
		Secret     string
		PubKeyFile string `mapstructure:"public_key_file"`
		PubKeyType string `mapstructure:"public_key_type"`
	}

	Header struct {
		Name   string
		Value  string
		Exists bool
	}
}

type configColumn struct {
	Name       string
	Type       string
	ForeignKey string `mapstructure:"related_to"`
}

type configTable struct {
	Name      string
	Table     string
	Blocklist []string
	Remotes   []configRemote
	Columns   []configColumn
}

type configRemote struct {
	Name        string
	ID          string
	Path        string
	URL         string
	Debug       bool
	PassHeaders []string `mapstructure:"pass_headers"`
	SetHeaders  []struct {
		Name  string
		Value string
	} `mapstructure:"set_headers"`
}

type configQuery struct {
	Limit            int
	Filters          []string
	Columns          []string
	DisableFunctions bool `mapstructure:"disable_functions"`
	Block            bool
}

type configInsert struct {
	Filters []string
	Columns []string
	Presets map[string]string
	Block   bool
}

type configUpdate struct {
	Filters []string
	Columns []string
	Presets map[string]string
	Block   bool
}

type configDelete struct {
	Filters []string
	Columns []string
	Block   bool
}

type configRoleTable struct {
	Name string

	Query  configQuery
	Insert configInsert
	Update configUpdate
	Delete configDelete
}

type configRole struct {
	Name      string
	Match     string
	Tables    []configRoleTable
	tablesMap map[string]*configRoleTable
}

type configAction struct {
	Name     string
	SQL      string
	AuthName string `mapstructure:"auth_name"`
}

func newConfig(name string) *viper.Viper {
	vi := viper.New()

	vi.SetEnvPrefix("SG")
	vi.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))
	vi.AutomaticEnv()

	vi.SetConfigName(name)
	vi.AddConfigPath(confPath)
	vi.AddConfigPath("./config")

	if dir, _ := os.Getwd(); strings.HasSuffix(dir, "/serv") {
		vi.AddConfigPath("../config")
	}

	vi.SetDefault("host_port", "0.0.0.0:8080")
	vi.SetDefault("web_ui", false)
	vi.SetDefault("enable_tracing", false)
	vi.SetDefault("auth_fail_block", "always")
	vi.SetDefault("seed_file", "seed.js")

	vi.SetDefault("database.type", "postgres")
	vi.SetDefault("database.host", "localhost")
	vi.SetDefault("database.port", 5432)
	vi.SetDefault("database.user", "postgres")
	vi.SetDefault("database.schema", "public")

	vi.SetDefault("env", "development")

	vi.BindEnv("env", "GO_ENV") //nolint: errcheck
	vi.BindEnv("HOST", "HOST")  //nolint: errcheck
	vi.BindEnv("PORT", "PORT")  //nolint: errcheck

	vi.SetDefault("auth.rails.max_idle", 80)
	vi.SetDefault("auth.rails.max_active", 12000)

	return vi
}

func (c *config) Init(vi *viper.Viper) error {
	if err := vi.Unmarshal(c); err != nil {
		return fmt.Errorf("unable to decode config, %v", err)
	}
	c.Viper = vi

	if len(c.Tables) == 0 {
		c.Tables = c.DB.Tables
	}

	if c.UseAllowList {
		c.Production = true
	}

	for k, v := range c.Inflections {
		flect.AddPlural(k, v)
	}

	for i := range c.Tables {
		t := c.Tables[i]
		t.Name = flect.Pluralize(strings.ToLower(t.Name))
		t.Table = flect.Pluralize(strings.ToLower(t.Table))
	}

	for i := range c.Roles {
		r := c.Roles[i]
		r.Name = strings.ToLower(r.Name)
	}

	for k, v := range c.DB.Vars {
		c.DB.Vars[k] = sanitize(v)
	}

	c.RolesQuery = sanitize(c.RolesQuery)
	c.roles = make(map[string]*configRole)

	for i := range c.Roles {
		role := &c.Roles[i]

		if _, ok := c.roles[role.Name]; ok {
			errlog.Fatal().Msgf("duplicate role '%s' found", role.Name)
		}

		role.Name = strings.ToLower(role.Name)
		role.Match = sanitize(role.Match)
		role.tablesMap = make(map[string]*configRoleTable)

		for n, table := range role.Tables {
			role.tablesMap[table.Name] = &role.Tables[n]
		}

		c.roles[role.Name] = role
	}

	if _, ok := c.roles["user"]; !ok {
		u := configRole{Name: "user"}
		c.Roles = append(c.Roles, u)
		c.roles["user"] = &u
	}

	if _, ok := c.roles["anon"]; !ok {
		logger.Warn().Msg("unauthenticated requests will be blocked. no role 'anon' defined")
		c.AuthFailBlock = true
	}

	if len(c.RolesQuery) == 0 {
		c.abacEnabled = false
	} else {
		switch len(c.Roles) {
		case 0, 1:
			c.abacEnabled = false
		case 2:
			_, ok1 := c.roles["anon"]
			_, ok2 := c.roles["user"]
			c.abacEnabled = !(ok1 && ok2)
		default:
			c.abacEnabled = true
		}
	}

	c.validate()

	return nil
}

func (c *config) validate() {
	rm := make(map[string]struct{})

	for _, v := range c.Roles {
		name := strings.ToLower(v.Name)

		if _, ok := rm[name]; ok {
			errlog.Fatal().Msgf("duplicate config for role '%s'", v.Name)
		}
		rm[name] = struct{}{}
	}

	tm := make(map[string]struct{})

	for _, v := range c.Tables {
		name := strings.ToLower(v.Name)

		if _, ok := tm[name]; ok {
			errlog.Fatal().Msgf("duplicate config for table '%s'", v.Name)
		}
		tm[name] = struct{}{}
	}

	am := make(map[string]struct{})

	for _, v := range c.Auths {
		name := strings.ToLower(v.Name)

		if _, ok := am[name]; ok {
			errlog.Fatal().Msgf("duplicate config for auth '%s'", v.Name)
		}
		am[name] = struct{}{}
	}

	for _, v := range c.Actions {
		if len(v.AuthName) == 0 {
			continue
		}
		authName := strings.ToLower(v.AuthName)

		if _, ok := am[authName]; !ok {
			errlog.Fatal().Msgf("invalid auth_name for action '%s'", v.Name)
		}
	}

	if len(c.RolesQuery) == 0 {
		logger.Warn().Msgf("no 'roles_query' defined.")
	}
}

func (c *config) getAliasMap() map[string][]string {
	m := make(map[string][]string, len(c.Tables))

	for i := range c.Tables {
		t := c.Tables[i]

		if len(t.Table) == 0 || len(t.Columns) != 0 {
			continue
		}

		m[t.Table] = append(m[t.Table], t.Name)
	}
	return m
}

func (c *config) isABACEnabled() bool {
	return c.abacEnabled
}

func (c *config) isAnonRoleDefined() bool {
	_, ok := c.roles["anon"]
	return ok
}

var varRe1 = regexp.MustCompile(`(?mi)\$([a-zA-Z0-9_.]+)`)
var varRe2 = regexp.MustCompile(`\{\{([a-zA-Z0-9_.]+)\}\}`)

func sanitize(s string) string {
	s0 := varRe1.ReplaceAllString(s, `{{$1}}`)

	s1 := strings.Map(func(r rune) rune {
		if unicode.IsSpace(r) {
			return ' '
		}
		return r
	}, s0)

	return varRe2.ReplaceAllStringFunc(s1, func(m string) string {
		return strings.ToLower(m)
	})
}

func getConfigName() string {
	if len(os.Getenv("GO_ENV")) == 0 {
		return "dev"
	}

	ge := strings.ToLower(os.Getenv("GO_ENV"))

	switch {
	case strings.HasPrefix(ge, "pro"):
		return "prod"

	case strings.HasPrefix(ge, "sta"):
		return "stage"

	case strings.HasPrefix(ge, "tes"):
		return "test"

	case strings.HasPrefix(ge, "dev"):
		return "dev"
	}

	return ge
}

func isDev() bool {
	return strings.HasPrefix(os.Getenv("GO_ENV"), "dev")
}
Add REST API stitching 2019-05-13 01:27:26 +02:00			`package serv`

Add validation for remote JSON 2019-06-04 16:54:51 +02:00			`import (`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`"fmt"`
			`"os"`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			`"regexp"`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00			`"strings"`
#19 Health check (#24) * Add health check endpoint (#19) * Add healthy response (#19) 2019-12-09 07:59:30 +01:00			`"time"`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			`"unicode"`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`"github.com/gobuffalo/flect"`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`"github.com/spf13/viper"`
Add validation for remote JSON 2019-06-04 16:54:51 +02:00			`)`

Add REST API stitching 2019-05-13 01:27:26 +02:00			`type config struct {`
Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`*viper.Viper`

Watch and reload on config changes 2019-09-08 20:56:32 +02:00			AppName string `mapstructure:"app_name"`
			`Env string`
			HostPort string `mapstructure:"host_port"`
			`Host string`
			`Port string`
Add HTTP GZip compression 2019-12-31 07:30:20 +01:00			HTTPGZip bool `mapstructure:"http_compress"`
Watch and reload on config changes 2019-09-08 20:56:32 +02:00			WebUI bool `mapstructure:"web_ui"`
			LogLevel string `mapstructure:"log_level"`
			EnableTracing bool `mapstructure:"enable_tracing"`
			UseAllowList bool `mapstructure:"use_allow_list"`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`Production bool`
Watch and reload on config changes 2019-09-08 20:56:32 +02:00			WatchAndReload bool `mapstructure:"reload_on_config_change"`
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			AuthFailBlock bool `mapstructure:"auth_fail_block"`
Add database seeding capability 2019-09-20 06:19:11 +02:00			SeedFile string `mapstructure:"seed_file"`
Add migrate command 2019-09-26 06:35:31 +02:00			MigrationsPath string `mapstructure:"migrations_path"`
Add pagination using opaque cursors 2020-02-10 07:45:37 +01:00			SecretKey string `mapstructure:"secret_key"`
Add migrate command 2019-09-26 06:35:31 +02:00
			`Inflections map[string]string`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`Auth configAuth`
			`Auths []configAuth`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`DB struct {`
#19 Health check (#24) * Add health check endpoint (#19) * Add healthy response (#19) 2019-12-09 07:59:30 +01:00			`Type string`
			`Host string`
			`Port uint16`
			`DBName string`
			`User string`
			`Password string`
			`Schema string`
			PoolSize int32 `mapstructure:"pool_size"`
			MaxRetries int `mapstructure:"max_retries"`
			SetUserID bool `mapstructure:"set_user_id"`
			PingTimeout time.Duration `mapstructure:"ping_timeout"`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			Vars map[string]string `mapstructure:"variables"`
			`Blocklist []string`
Add REST API stitching 2019-05-13 01:27:26 +02:00
			`Tables []configTable`
			} `mapstructure:"database"`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00
Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`Actions []configAction`

Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`Tables []configTable`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00
Fix documentation for DB relationships 2019-12-10 06:03:44 +01:00			RolesQuery string `mapstructure:"roles_query"`
			`Roles []configRole`
			`roles map[string]*configRole`
			`abacEnabled bool`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`

Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`type configAuth struct {`
			`Name string`
			`Type string`
			`Cookie string`
			CredsInHeader bool `mapstructure:"creds_in_header"`

			`Rails struct {`
			`Version string`
			SecretKeyBase string `mapstructure:"secret_key_base"`
			`URL string`
			`Password string`
			MaxIdle int `mapstructure:"max_idle"`
			MaxActive int `mapstructure:"max_active"`
			`Salt string`
			SignSalt string `mapstructure:"sign_salt"`
			AuthSalt string `mapstructure:"auth_salt"`
			`}`

			`JWT struct {`
			`Provider string`
			`Secret string`
			PubKeyFile string `mapstructure:"public_key_file"`
			PubKeyType string `mapstructure:"public_key_type"`
			`}`

			`Header struct {`
			`Name string`
			`Value string`
			`Exists bool`
			`}`
			`}`

Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`type configColumn struct {`
			`Name string`
Add ability to treat JSON/JSONB columns as tables 2020-01-28 06:26:53 +01:00			`Type string`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			ForeignKey string `mapstructure:"related_to"`
			`}`

Add REST API stitching 2019-05-13 01:27:26 +02:00			`type configTable struct {`
Add role based access control 2019-10-14 08:51:36 +02:00			`Name string`
			`Table string`
			`Blocklist []string`
			`Remotes []configRemote`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`Columns []configColumn`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`

			`type configRemote struct {`
			`Name string`
			`ID string`
			`Path string`
			`URL string`
Add request / response debugging for remote joins 2019-06-06 14:57:00 +02:00			`Debug bool`
Add REST API stitching 2019-05-13 01:27:26 +02:00			PassHeaders []string `mapstructure:"pass_headers"`
			`SetHeaders []struct {`
			`Name string`
			`Value string`
			} `mapstructure:"set_headers"`
			`}`

Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configQuery struct {`
			`Limit int`
			`Filters []string`
			`Columns []string`
			DisableFunctions bool `mapstructure:"disable_functions"`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configInsert struct {`
			`Filters []string`
			`Columns []string`
			`Presets map[string]string`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configUpdate struct {`
			`Filters []string`
			`Columns []string`
			`Presets map[string]string`
			`Block bool`
			`}`
Add role based access control 2019-10-14 08:51:36 +02:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configDelete struct {`
			`Filters []string`
			`Columns []string`
			`Block bool`
			`}`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`type configRoleTable struct {`
			`Name string`

			`Query configQuery`
			`Insert configInsert`
			`Update configUpdate`
			`Delete configDelete`
Add role based access control 2019-10-14 08:51:36 +02:00			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`type configRole struct {`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`Name string`
			`Match string`
			`Tables []configRoleTable`
			`tablesMap map[string]*configRoleTable`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`type configAction struct {`
			`Name string`
			`SQL string`
			AuthName string `mapstructure:"auth_name"`
			`}`

Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`func newConfig(name string) *viper.Viper {`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi := viper.New()`

			`vi.SetEnvPrefix("SG")`
			`vi.SetEnvKeyReplacer(strings.NewReplacer(".", "_"))`
			`vi.AutomaticEnv()`

Allow config files to inherit from other config files 2019-10-28 06:48:04 +01:00			`vi.SetConfigName(name)`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi.AddConfigPath(confPath)`
			`vi.AddConfigPath("./config")`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`if dir, _ := os.Getwd(); strings.HasSuffix(dir, "/serv") {`
			`vi.AddConfigPath("../config")`
			`}`

Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`vi.SetDefault("host_port", "0.0.0.0:8080")`
			`vi.SetDefault("web_ui", false)`
			`vi.SetDefault("enable_tracing", false)`
			`vi.SetDefault("auth_fail_block", "always")`
			`vi.SetDefault("seed_file", "seed.js")`

			`vi.SetDefault("database.type", "postgres")`
			`vi.SetDefault("database.host", "localhost")`
			`vi.SetDefault("database.port", 5432)`
			`vi.SetDefault("database.user", "postgres")`
			`vi.SetDefault("database.schema", "public")`

			`vi.SetDefault("env", "development")`
Move license from MIT to Apache 2.0. Add Makefile 2019-11-28 07:25:46 +01:00
			`vi.BindEnv("env", "GO_ENV") //nolint: errcheck`
			`vi.BindEnv("HOST", "HOST") //nolint: errcheck`
			`vi.BindEnv("PORT", "PORT") //nolint: errcheck`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00
			`vi.SetDefault("auth.rails.max_idle", 80)`
			`vi.SetDefault("auth.rails.max_active", 12000)`

			`return vi`
			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`func (c config) Init(vi viper.Viper) error {`
			`if err := vi.Unmarshal(c); err != nil {`
			`return fmt.Errorf("unable to decode config, %v", err)`
			`}`
			`c.Viper = vi`

			`if len(c.Tables) == 0 {`
			`c.Tables = c.DB.Tables`
			`}`

Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`if c.UseAllowList {`
			`c.Production = true`
			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`for k, v := range c.Inflections {`
			`flect.AddPlural(k, v)`
			`}`

			`for i := range c.Tables {`
			`t := c.Tables[i]`
			`t.Name = flect.Pluralize(strings.ToLower(t.Name))`
			`t.Table = flect.Pluralize(strings.ToLower(t.Table))`
			`}`

			`for i := range c.Roles {`
			`r := c.Roles[i]`
			`r.Name = strings.ToLower(r.Name)`
			`}`

			`for k, v := range c.DB.Vars {`
			`c.DB.Vars[k] = sanitize(v)`
			`}`

			`c.RolesQuery = sanitize(c.RolesQuery)`
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`c.roles = make(map[string]*configRole)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
			`for i := range c.Roles {`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`role := &c.Roles[i]`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles[role.Name]; ok {`
			`errlog.Fatal().Msgf("duplicate role '%s' found", role.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00
Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`role.Name = strings.ToLower(role.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`role.Match = sanitize(role.Match)`
Fix bugs and add new production mode 2019-11-07 08:37:24 +01:00			`role.tablesMap = make(map[string]*configRoleTable)`

			`for n, table := range role.Tables {`
			`role.tablesMap[table.Name] = &role.Tables[n]`
			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`c.roles[role.Name] = role`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles["user"]; !ok {`
			`u := configRole{Name: "user"}`
			`c.Roles = append(c.Roles, u)`
			`c.roles["user"] = &u`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Fix bug with compiling anon queries 2019-11-25 08:22:33 +01:00			`if _, ok := c.roles["anon"]; !ok {`
Block unauthorized requests when 'anon' role is not defined 2019-11-02 22:13:17 +01:00			`logger.Warn().Msg("unauthenticated requests will be blocked. no role 'anon' defined")`
			`c.AuthFailBlock = true`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`}`

Fix documentation for DB relationships 2019-12-10 06:03:44 +01:00			`if len(c.RolesQuery) == 0 {`
			`c.abacEnabled = false`
			`} else {`
			`switch len(c.Roles) {`
			`case 0, 1:`
			`c.abacEnabled = false`
			`case 2:`
			`_, ok1 := c.roles["anon"]`
			`_, ok2 := c.roles["user"]`
			`c.abacEnabled = !(ok1 && ok2)`
			`default:`
			`c.abacEnabled = true`
			`}`
			`}`

Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`c.validate()`

			`return nil`
			`}`

			`func (c *config) validate() {`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`rm := make(map[string]struct{})`

Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`for _, v := range c.Roles {`
			`name := strings.ToLower(v.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`if _, ok := rm[name]; ok {`
Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`errlog.Fatal().Msgf("duplicate config for role '%s'", v.Name)`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`}`
			`rm[name] = struct{}{}`
			`}`

			`tm := make(map[string]struct{})`

Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`for _, v := range c.Tables {`
			`name := strings.ToLower(v.Name)`
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`if _, ok := tm[name]; ok {`
Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`errlog.Fatal().Msgf("duplicate config for table '%s'", v.Name)`
Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`}`
			`tm[name] = struct{}{}`
			`}`

Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00			`am := make(map[string]struct{})`

			`for _, v := range c.Auths {`
			`name := strings.ToLower(v.Name)`

			`if _, ok := am[name]; ok {`
			`errlog.Fatal().Msgf("duplicate config for auth '%s'", v.Name)`
			`}`
			`am[name] = struct{}{}`
			`}`

			`for _, v := range c.Actions {`
			`if len(v.AuthName) == 0 {`
			`continue`
			`}`
			`authName := strings.ToLower(v.AuthName)`

			`if _, ok := am[authName]; !ok {`
			`errlog.Fatal().Msgf("invalid auth_name for action '%s'", v.Name)`
			`}`
			`}`

Optimize prepared statement flow for RBAC 2019-10-25 06:01:22 +02:00			`if len(c.RolesQuery) == 0 {`
			`logger.Warn().Msgf("no 'roles_query' defined.")`
			`}`
			`}`

Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00			`func (c *config) getAliasMap() map[string][]string {`
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`m := make(map[string][]string, len(c.Tables))`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Add ability to set filters per operation / action 2019-10-06 22:28:10 +02:00			`for i := range c.Tables {`
			`t := c.Tables[i]`
Add REST API stitching 2019-05-13 01:27:26 +02:00
Add ability to treat JSON/JSONB columns as tables 2020-01-28 06:26:53 +01:00			`if len(t.Table) == 0 \|\| len(t.Columns) != 0 {`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`continue`
			`}`
Futher reduce allocations on the compiler hot path 2019-06-14 06:32:15 +02:00
Change config key inherit to inherits 2019-10-31 06:14:51 +01:00			`m[t.Table] = append(m[t.Table], t.Name)`
Add REST API stitching 2019-05-13 01:27:26 +02:00			`}`
			`return m`
			`}`
Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00
Fix documentation for DB relationships 2019-12-10 06:03:44 +01:00			`func (c *config) isABACEnabled() bool {`
			`return c.abacEnabled`
Add config driven custom table relationships 2019-12-09 07:48:18 +01:00			`}`

			`func (c *config) isAnonRoleDefined() bool {`
			`_, ok := c.roles["anon"]`
			`return ok`
			`}`

Get RBAC working for queries and mutations 2019-10-24 08:07:42 +02:00			var varRe1 = regexp.MustCompile(`(?mi)\$([a-zA-Z0-9_.]+)`)
			var varRe2 = regexp.MustCompile(`\{\{([a-zA-Z0-9_.]+)\}\}`)

			`func sanitize(s string) string {`
			s0 := varRe1.ReplaceAllString(s, `{{$1}}`)

			`s1 := strings.Map(func(r rune) rune {`
			`if unicode.IsSpace(r) {`
			`return ' '`
			`}`
			`return r`
			`}, s0)`

			`return varRe2.ReplaceAllStringFunc(s1, func(m string) string {`
			`return strings.ToLower(m)`
			`})`
			`}`
Add named auth and the all new action endpoints 2020-02-03 07:21:07 +01:00
			`func getConfigName() string {`
			`if len(os.Getenv("GO_ENV")) == 0 {`
			`return "dev"`
			`}`

			`ge := strings.ToLower(os.Getenv("GO_ENV"))`

			`switch {`
			`case strings.HasPrefix(ge, "pro"):`
			`return "prod"`

			`case strings.HasPrefix(ge, "sta"):`
			`return "stage"`

			`case strings.HasPrefix(ge, "tes"):`
			`return "test"`

			`case strings.HasPrefix(ge, "dev"):`
			`return "dev"`
			`}`

			`return ge`
			`}`

			`func isDev() bool {`
			`return strings.HasPrefix(os.Getenv("GO_ENV"), "dev")`
			`}`