Add built in 'anon' and 'user' roles

2019-10-15 02:30:19 -04:00
parent deb5b93c81
commit c797deb4d0
12 changed files with 553 additions and 102 deletions
--- a/serv/cmd.go
+++ b/serv/cmd.go
@ -10,7 +10,6 @@ import (
 	"github.com/dosco/super-graph/qcode"
 	"github.com/gobuffalo/flect"
 	"github.com/jackc/pgx/v4"
-	"github.com/jackc/pgx/v4/log/zerologadapter"
 	"github.com/jackc/pgx/v4/pgxpool"
 	"github.com/rs/zerolog"
 	"github.com/spf13/cobra"
@ -217,7 +216,7 @@ func initDB(c *config, useDB bool) (*pgx.Conn, error) {
 		config.LogLevel = pgx.LogLevelNone
 	}

-	config.Logger = zerologadapter.NewLogger(*logger)
+	config.Logger = NewSQLLogger(*logger)

 	db, err := pgx.ConnectConfig(context.Background(), config)
 	if err != nil {
@ -252,7 +251,7 @@ func initDBPool(c *config) (*pgxpool.Pool, error) {
 		config.ConnConfig.LogLevel = pgx.LogLevelNone
 	}

-	config.ConnConfig.Logger = zerologadapter.NewLogger(*logger)
+	config.ConnConfig.Logger = NewSQLLogger(*logger)

 	// if c.DB.MaxRetries != 0 {
 	// 	opt.MaxRetries = c.DB.MaxRetries
--- a/serv/cmd_seed.go
+++ b/serv/cmd_seed.go
@ -67,7 +67,7 @@ func graphQLFunc(query string, data interface{}) map[string]interface{} {
 	c.req.Query = query
 	c.req.Vars = b

-	res, err := c.execQuery()
+	res, err := c.execQuery("user")
 	if err != nil {
 		logger.Fatal().Err(err).Msg("graphql query failed")
 	}
--- a/serv/core.go
+++ b/serv/core.go
@ -32,7 +32,15 @@ func (c *coreContext) handleReq(w io.Writer, req *http.Request) error {
 	c.req.ref = req.Referer()
 	c.req.hdr = req.Header

-	b, err := c.execQuery()
+	var role string
+
+	if authCheck(c) {
+		role = "user"
+	} else {
+		role = "anon"
+	}
+
+	b, err := c.execQuery(role)
 	if err != nil {
 		return err
 	}
@ -40,12 +48,14 @@ func (c *coreContext) handleReq(w io.Writer, req *http.Request) error {
 	return c.render(w, b)
 }

-func (c *coreContext) execQuery() ([]byte, error) {
+func (c *coreContext) execQuery(role string) ([]byte, error) {
 	var err error
 	var skipped uint32
 	var qc *qcode.QCode
 	var data []byte

+	logger.Debug().Str("role", role).Msg(c.req.Query)
+
 	if conf.UseAllowList {
 		var ps *preparedItem

@ -59,7 +69,7 @@ func (c *coreContext) execQuery() ([]byte, error) {

 	} else {

-		qc, err = qcompile.Compile([]byte(c.req.Query), "user")
+		qc, err = qcompile.Compile([]byte(c.req.Query), role)
 		if err != nil {
 			return nil, err
 		}
--- a/serv/http.go
+++ b/serv/http.go
@ -94,42 +94,7 @@ func apiv1Http(w http.ResponseWriter, r *http.Request) {
 	}

 	if strings.EqualFold(ctx.req.OpName, introspectionQuery) {
-		// dat, err := ioutil.ReadFile("test.schema")
-		// if err != nil {
-		// 	http.Error(w, err.Error(), http.StatusInternalServerError)
-		// 	return
-		// }
-		//w.Write(dat)
-		w.Header().Set("Content-Type", "application/json")
-		w.Write([]byte(`{
-			"data": {
-				"__schema": {
-					"queryType": {
-						"name": "Query"
-					},
-					"mutationType": null,
-					"subscriptionType": null
-				}
-			},
-			"extensions":{  
-				"tracing":{  
-					"version":1,
-					"startTime":"2019-06-04T19:53:31.093Z",
-					"endTime":"2019-06-04T19:53:31.108Z",
-					"duration":15219720,
-					"execution": {
-						"resolvers": [{
-							"path": ["__schema"],
-							"parentType":	"Query",
-							"fieldName": "__schema",
-							"returnType":	"__Schema!",
-							"startOffset": 50950,
-							"duration": 17187
-						}]
-					}
-				}
-			}
-		}`))
+		introspect(w)
 		return
 	}

--- a/serv/introsp.go
+++ b/serv/introsp.go
@ -0,0 +1,36 @@
+package serv
+
+import "net/http"
+
+func introspect(w http.ResponseWriter) {
+	w.Header().Set("Content-Type", "application/json")
+	w.Write([]byte(`{
+		"data": {
+			"__schema": {
+				"queryType": {
+					"name": "Query"
+				},
+				"mutationType": null,
+				"subscriptionType": null
+			}
+		},
+		"extensions":{  
+			"tracing":{  
+				"version":1,
+				"startTime":"2019-06-04T19:53:31.093Z",
+				"endTime":"2019-06-04T19:53:31.108Z",
+				"duration":15219720,
+				"execution": {
+					"resolvers": [{
+						"path": ["__schema"],
+						"parentType":	"Query",
+						"fieldName": "__schema",
+						"returnType":	"__Schema!",
+						"startOffset": 50950,
+						"duration": 17187
+					}]
+				}
+			}
+		}
+	}`))
+}
--- a/serv/prepare.go
+++ b/serv/prepare.go
@ -30,7 +30,7 @@ func initPreparedList() {
 	for k, v := range _allowList.list {
 		err := prepareStmt(k, v.gql, v.vars)
 		if err != nil {
-			logger.Warn().Err(err).Send()
+			logger.Warn().Str("gql", v.gql).Err(err).Send()
 		}
 	}
 }
--- a/serv/sqllog.go
+++ b/serv/sqllog.go
@ -0,0 +1,45 @@
+package serv
+
+import (
+	"context"
+
+	"github.com/jackc/pgx/v4"
+	"github.com/rs/zerolog"
+)
+
+type Logger struct {
+	logger zerolog.Logger
+}
+
+// NewLogger accepts a zerolog.Logger as input and returns a new custom pgx
+// logging fascade as output.
+func NewSQLLogger(logger zerolog.Logger) *Logger {
+	return &Logger{
+		logger: logger.With().Logger(),
+	}
+}
+
+func (pl *Logger) Log(ctx context.Context, level pgx.LogLevel, msg string, data map[string]interface{}) {
+	var zlevel zerolog.Level
+	switch level {
+	case pgx.LogLevelNone:
+		zlevel = zerolog.NoLevel
+	case pgx.LogLevelError:
+		zlevel = zerolog.ErrorLevel
+	case pgx.LogLevelWarn:
+		zlevel = zerolog.WarnLevel
+	case pgx.LogLevelInfo:
+		zlevel = zerolog.InfoLevel
+	case pgx.LogLevelDebug:
+		zlevel = zerolog.DebugLevel
+	default:
+		zlevel = zerolog.DebugLevel
+	}
+
+	if sql, ok := data["sql"]; ok {
+		delete(data, "sql")
+		pl.logger.WithLevel(zlevel).Fields(data).Msg(sql.(string))
+	} else {
+		pl.logger.WithLevel(zlevel).Fields(data).Msg(msg)
+	}
+}