Add ability to block queries and mutations by role

serv/config.go

@@ -109,27 +109,27 @@ type configRole struct {
 			Filters            []string
 			Columns            []string
 			DisableAggregation bool `mapstructure:"disable_aggregation"`
-			Deny               bool
+			Block              bool
 		}
 
 		Insert struct {
 			Filters []string
 			Columns []string
 			Set     map[string]string
-			Deny    bool
+			Block   bool
 		}
 
 		Update struct {
 			Filters []string
 			Columns []string
 			Set     map[string]string
-			Deny    bool
+			Block   bool
 		}
 
 		Delete struct {
 			Filters []string
 			Columns []string
-			Deny    bool
+			Block   bool
 		}
 	}
 }

serv/serv.go

@@ -30,6 +30,8 @@ func initCompilers(c *config) (*qcode.Compiler, *psql.Compiler, error) {
 		return nil, nil, err
 	}
 
+	blockFilter := []string{"false"}
+
 	for _, r := range c.Roles {
 		for _, t := range r.Tables {
 			query := qcode.QueryConfig{
@@ -39,23 +41,39 @@ func initCompilers(c *config) (*qcode.Compiler, *psql.Compiler, error) {
 				DisableFunctions: t.Query.DisableAggregation,
 			}
 
+			if t.Query.Block {
+				query.Filters = blockFilter
+			}
+
 			insert := qcode.InsertConfig{
 				Filters: t.Insert.Filters,
 				Columns: t.Insert.Columns,
 				Set:     t.Insert.Set,
 			}
 
+			if t.Query.Block {
+				insert.Filters = blockFilter
+			}
+
 			update := qcode.UpdateConfig{
 				Filters: t.Insert.Filters,
 				Columns: t.Insert.Columns,
 				Set:     t.Insert.Set,
 			}
 
+			if t.Query.Block {
+				update.Filters = blockFilter
+			}
+
 			delete := qcode.DeleteConfig{
 				Filters: t.Insert.Filters,
 				Columns: t.Insert.Columns,
 			}
 
+			if t.Query.Block {
+				delete.Filters = blockFilter
+			}
+
 			qc.AddRole(r.Name, t.Name, qcode.TRConfig{
 				Query:  query,
 				Insert: insert,