fix: vars not sanitized in roles_query

README.md

@@ -15,10 +15,7 @@ Designed to 100x your developer productivity. Super Graph will instantly and wit
 ## Using it as a service
 
 ```console
-git clone https://github.com/dosco/super-graph 
+get get https://github.com/dosco/super-graph 
-cd ./super-graph
-make install
-
 super-graph new <app_name>
 ```
 

config/dev.yml

@@ -116,12 +116,12 @@ database:
   # database ping timeout is used for db health checking
   ping_timeout: 1m
 
-  # Define additional variables here to be used with filters
+# Define additional variables here to be used with filters
-  variables:
+variables:
   admin_account_id: "5"
 
-  # Field and table names that you wish to block
+# Field and table names that you wish to block
-  blocklist:
+blocklist:
   - ar_internal_metadata
   - schema_migrations
   - secret

core/init.go

@@ -71,7 +71,7 @@ func (sg *SuperGraph) initConfig() error {
 	}
 
 	// Roles: validate and sanitize
-	c.RolesQuery = sanitize(c.RolesQuery)
+	c.RolesQuery = sanitizeVars(c.RolesQuery)
 
 	if len(c.RolesQuery) == 0 {
 		sg.log.Printf("WRN roles_query not defined: attribute based access control disabled")

examples/rails-app/demo.yml

@@ -3,6 +3,11 @@ services:
   db:
     image: postgres
     tmpfs: /var/lib/postgresql/data
+    environment:
+      POSTGRES_USER: postgres
+      POSTGRES_PASSWORD: postgres
+    ports:
+      - "5432:5432"
       
   rails_app:
     image: dosco/super-graph-demo:latest