cratestack-sqlx 0.4.3

Rust-native schema-first framework for typed HTTP APIs, generated clients, and backend services.
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125

//! Per-`ReadPredicate` pusher used by [`super::policy::push_policy_expr_query`].
//! Most predicates evaluate at render time against `ctx` and collapse
//! to a `TRUE`/`FALSE` SQL constant; comparison predicates emit one
//! bind slot.

use cratestack_core::CoolContext;
use cratestack_policy::{context_has_role, context_in_tenant};

use crate::{PolicyLiteral, ReadPredicate, sqlx};

use super::policy_relation::push_relation_policy_query;
use super::values::{auth_value_to_sql, push_bind_value, value_matches_auth_literal};

pub(super) fn push_policy_predicate(
    query: &mut sqlx::QueryBuilder<'_, sqlx::Postgres>,
    predicate: ReadPredicate,
    ctx: &CoolContext,
) {
    match predicate {
        ReadPredicate::AuthNotNull => {
            query.push(if ctx.is_authenticated() {
                "TRUE"
            } else {
                "FALSE"
            });
        }
        ReadPredicate::AuthIsNull => {
            query.push(if ctx.is_authenticated() {
                "FALSE"
            } else {
                "TRUE"
            });
        }
        ReadPredicate::HasRole { role } => {
            query.push(if context_has_role(ctx, role) {
                "TRUE"
            } else {
                "FALSE"
            });
        }
        ReadPredicate::InTenant { tenant_id } => {
            query.push(if context_in_tenant(ctx, tenant_id) {
                "TRUE"
            } else {
                "FALSE"
            });
        }
        ReadPredicate::AuthFieldEqLiteral { auth_field, value } => {
            query.push(
                if ctx
                    .auth_field(auth_field)
                    .is_some_and(|candidate| value_matches_auth_literal(candidate, value))
                {
                    "TRUE"
                } else {
                    "FALSE"
                },
            );
        }
        ReadPredicate::AuthFieldNeLiteral { auth_field, value } => {
            query.push(
                if ctx
                    .auth_field(auth_field)
                    .is_some_and(|candidate| !value_matches_auth_literal(candidate, value))
                {
                    "TRUE"
                } else {
                    "FALSE"
                },
            );
        }
        ReadPredicate::FieldIsTrue { column } => {
            query.push(column).push(" = TRUE");
        }
        ReadPredicate::FieldEqLiteral { column, value } => {
            query.push(column).push(" = ");
            push_policy_literal(query, value);
        }
        ReadPredicate::FieldNeLiteral { column, value } => {
            query.push(column).push(" != ");
            push_policy_literal(query, value);
        }
        ReadPredicate::FieldEqAuth { column, auth_field } => {
            if let Some(value) = auth_value_to_sql(ctx, auth_field) {
                query.push(column).push(" = ");
                push_bind_value(query, &value);
            } else {
                query.push("FALSE");
            }
        }
        ReadPredicate::FieldNeAuth { column, auth_field } => {
            if let Some(value) = auth_value_to_sql(ctx, auth_field) {
                query.push(column).push(" != ");
                push_bind_value(query, &value);
            } else {
                query.push("FALSE");
            }
        }
        ReadPredicate::Relation {
            quantifier,
            parent_table,
            parent_column,
            related_table,
            related_column,
            expr,
        } => push_relation_policy_query(
            query,
            quantifier,
            parent_table,
            parent_column,
            related_table,
            related_column,
            expr,
            ctx,
        ),
    }
}

fn push_policy_literal(query: &mut sqlx::QueryBuilder<'_, sqlx::Postgres>, literal: PolicyLiteral) {
    match literal {
        PolicyLiteral::Bool(value) => query.push_bind(value),
        PolicyLiteral::Int(value) => query.push_bind(value),
        PolicyLiteral::String(value) => query.push_bind(value.to_owned()),
    };
}