list only schemas you have permissions for

4 years ago · d68cf05e47
parent d81106b7c3
commit d68cf05e47
4 changed files with 25 additions and 19 deletions
--- a/src/wanijo/infra/repl.clj
+++ b/src/wanijo/infra/repl.clj
@ -88,10 +88,17 @@
 (defn init-version-2 []
  (neo4j/exec-query! migrate-links {}))

+(neo4j/defquery migrate-permissions
+  "MATCH (s:schema)-[:created_by]->(u:user)
+   MERGE (u)-[:permission {type:'write'}]->(s)")
+(defn init-version-3 []
+  (neo4j/exec-query! migrate-permissions {}))
+
 (def migrations
  [init-version-0
   init-version-1
-   init-version-2])
+   init-version-2
+   init-version-3])

 (defn run-migrations! []
  (neo4j/exec-query! init-config {:now (neo4j/now-str)})
--- a/src/wanijo/schema/db.clj
+++ b/src/wanijo/schema/db.clj
@ -3,15 +3,16 @@
            [wanijo.schema.domain :as domain]
            [clojure.spec.alpha :as spec]))

-(neo4j/defquery all-created-by
-  "MATCH (s:schema)-[:created_by]->(u:user)
+(neo4j/defquery all-readable-by
+  "MATCH (s:schema)-[p:permission]-(u:user)
   WHERE u.uuid = $uuid
+     AND p.type IN ['read', 'write']
   RETURN s
   ORDER BY s.name")
-(defn all-created-by! [user-uuid]
+(defn all-readable-by! [user-uuid]
  (map :s
       (neo4j/exec-query!
-         all-created-by
+         all-readable-by
         {:uuid user-uuid})))

 (neo4j/defquery all
@ -29,6 +30,8 @@
   SET s.name = $name
   SET s.uuid = $s_uuid
   SET s.created_at = $created_at
+   WITH u, s
+   CREATE (u)-[:permission {type:'write'}]->(s)
   RETURN s")
 (defn create-new! [schema-name user-uuid]
  (->>
--- a/src/wanijo/schema/middleware.clj
+++ b/src/wanijo/schema/middleware.clj
@ -8,7 +8,7 @@
    (if-let [uuid (get-in req [:session :uuid])]
      (handler (assoc-in req
                         [:session :schemas]
-                         (db/accessible-schemas! uuid)))
+                         (db/all-readable-by! uuid)))
      (handler req))))

 (defn write-permission-middleware! [schema-fn]
@ -25,15 +25,11 @@
  (write-permission-middleware! #(get-in % [:params :uuid])))

 (defn wrap-allowed-to-read!
-  ([schema-fn]
-   (wrap-allowed-to-read! schema-fn
-                          (fn [_]
-                            (assoc (resp/redirect (path :schema-overview))
-                                   :flash ["No read permission for schema"]))))
-  ([schema-fn not-allowed-fn]
-   (fn [handler]
-     (fn [req]
-       (let [uuid (schema-fn req)]
-         (if (db/has-user-read-permissions? uuid (-> req :session :uuid))
-           (handler req)
-           (not-allowed-fn req)))))))
+  [schema-fn]
+  (fn [handler]
+    (fn [req]
+      (let [uuid (schema-fn req)]
+        (if (db/has-user-read-permissions? uuid (-> req :session :uuid))
+          (handler req)
+          (assoc (resp/redirect (path :schema-overview))
+            :flash ["No read permission for schema"]))))))
--- a/src/wanijo/schema/view.clj
+++ b/src/wanijo/schema/view.clj
@ -13,7 +13,7 @@
 (defn overview! [req]
  (let [session (:session req)
        uuid (:uuid session)
-        schemas (domain/all-created-by! uuid)]
+        schemas (domain/all-readable-by! uuid)]
    (view/layout
     :request req
     :content