Skip to content

Commit

Permalink
Fix: Policy with query that contains another policy with default args (
Browse files Browse the repository at this point in the history 
…#336)
  • Loading branch information
@AleF83
AleF83 authored Jun 29, 2021
1 parent 6ea33e3 commit e4b8769
Show file tree
Hide file tree
Showing 10 changed files with 65 additions and 9 deletions.
5 changes: 4 additions & 1 deletion services/src/modules/registry-schema/resolvers/delete-resources.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ import { createGatewaySchema } from '../../apollo-server';
import { applyResourceGroupDeletions } from '../../resource-repository';
import { validateResourceGroupOrThrow } from '../validation';
import { transformResourceGroup as applyPluginForResourceGroup } from '../../plugins';
import { PolicyAttachmentsHelper } from '../helpers';
import { markOptionalPolicyArgs, PolicyAttachmentsHelper } from '../helpers';
import getResourceRepository from '../repository';
import { RegistryRequestContext, ResourceGroupMetadataInput } from '..';
import { updateRemoteGqlSchemas } from '../../directives/gql';
Expand Down Expand Up @@ -42,6 +42,9 @@ export default async function (deletions: ResourceGroupMetadataInput, context: R
logger.debug('Creating schema config...');
await createGatewaySchema(gatewayRg);

logger.debug('Marking optional policy arguments...');
markOptionalPolicyArgs(gatewayRg.policies);

logger.debug('Synchronizing policy attachments...');
await policyAttachments.sync(existingPolicies, gatewayRg.policies);

Expand Down
5 changes: 4 additions & 1 deletion services/src/modules/registry-schema/resolvers/rebuild-resource-group.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ import { updateRemoteGqlSchemas } from '../../directives/gql';
import { createGatewaySchema } from '../../apollo-server';
import logger from '../../logger';
import { transformResourceGroup as applyPluginsForResourceGroup } from '../../plugins';
import { PolicyAttachmentsHelper } from '../helpers';
import { markOptionalPolicyArgs, PolicyAttachmentsHelper } from '../helpers';
import getResourceRepository from '../repository';
import { validateResourceGroupOrThrow } from '../validation';

Expand Down Expand Up @@ -37,6 +37,9 @@ export default async function (context: RegistryRequestContext, dryRun = false)
logger.debug('Creating schema...');
await createGatewaySchema(gatewayRg);

logger.debug('Marking optional policy arguments...');
markOptionalPolicyArgs(gatewayRg.policies);

logger.debug('Synchronizing policy attachments...');
await policyAttachments.sync(existingPolicies, gatewayRg.policies);

Expand Down
2 changes: 1 addition & 1 deletion services/src/modules/registry-schema/resolvers/update-resource-group.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ export default async function (updates: ResourceGroupInput, context: RegistryReq
await createGatewaySchema(gatewayRg);

logger.debug('Marking optional policy arguments...');
markOptionalPolicyArgs(updates.policies);
markOptionalPolicyArgs(gatewayRg.policies);

logger.debug('Synchronizing policy attachments...');
await policyAttachments.sync(existingPolicies, gatewayRg.policies);
Expand Down
24 changes: 22 additions & 2 deletions services/tests/e2e/authorization/auth-with-queries.schema.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -39,6 +39,22 @@ export const policies: PolicyDefinition[] = [
hireDate: { type: 'Int' },
},
},
{
metadata: {
name: 'is-active',
namespace: 'auth-with-query',
},
type: PolicyType.opa,
code: `
default allow = false
allow {
input.args.active
}
`,
args: {
active: { type: 'Boolean!', default: '{ true }' },
},
},
{
metadata: {
name: 'notClassified',
Expand All @@ -50,11 +66,12 @@ export const policies: PolicyDefinition[] = [
allow {
input.query.classifiedDepartments[_].id != input.args.departmentId;
input.query.policy.auth_with_query___is_senior.allow
input.query.policy.auth_with_query___is_active.allow
}
`,
args: {
departmentId: { type: 'String', default: '{source.department.id}' },
hireDate: { type: 'Int', default: '{source.hireDate}' },
departmentId: { type: 'String!', default: '{source.department.id}' },
hireDate: { type: 'Int!', default: '{source.hireDate}' },
},
query: {
gql: print(gql`
Expand All @@ -66,6 +83,9 @@ export const policies: PolicyDefinition[] = [
auth_with_query___is_senior(hireDate: $hireDate) {
allow
}
auth_with_query___is_active {
allow
}
}
}
`),
Expand Down
10 changes: 10 additions & 0 deletions services/tests/integration/registry/__snapshots__/delete-resources.spec.ts.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,9 +65,11 @@ Object {
Object {
"args": Object {
"an": Object {
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -132,9 +134,11 @@ Object {
Object {
"args": Object {
"an": Object {
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -199,9 +203,11 @@ Object {
Object {
"args": Object {
"an": Object {
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -262,9 +268,11 @@ Object {
Object {
"args": Object {
"an": Object {
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -379,9 +387,11 @@ Object {
Object {
"args": Object {
"an": Object {
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down
8 changes: 8 additions & 0 deletions services/tests/integration/registry/__snapshots__/rebuild-resources.spec.ts.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -81,9 +83,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -156,9 +160,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -231,9 +237,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down
10 changes: 10 additions & 0 deletions services/tests/integration/registry/__snapshots__/update-resources.spec.ts.snap
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,9 +8,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -100,9 +102,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -175,9 +179,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -250,9 +256,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down Expand Up @@ -326,9 +334,11 @@ Object {
"args": Object {
"an": Object {
"default": "{source.an}",
"optional": true,
"type": "String",
},
"another": Object {
"optional": false,
"type": "String!",
},
},
Expand Down
2 changes: 2 additions & 0 deletions services/tests/integration/registry/delete-resources.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,9 +59,11 @@ const policy: PolicyDefinition = {
args: {
an: {
type: 'String',
optional: true,
},
another: {
type: 'String!',
optional: false,
},
},
query: {
Expand Down
4 changes: 2 additions & 2 deletions services/tests/integration/registry/rebuild-resources.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -61,8 +61,8 @@ const policy: PolicyDefinition = {
with multiple
lines`,
args: {
an: { type: 'String', default: '{source.an}' },
another: { type: 'String!' },
an: { type: 'String', default: '{source.an}', optional: true },
another: { type: 'String!', optional: false },
},
query: {
gql: 'some another gql',
Expand Down
4 changes: 2 additions & 2 deletions services/tests/integration/registry/update-resources.spec.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,8 +77,8 @@ const policy: PolicyDefinition = {
with multiple
lines`,
args: {
an: { type: 'String', default: '{source.an}' },
another: { type: 'String!' },
an: { type: 'String', default: '{source.an}', optional: true },
another: { type: 'String!', optional: false },
},
query: {
gql: 'some another gql',
Expand Down

0 comments on commit e4b8769

Please sign in to comment.