From d68cf05e4746244bcfa18fda962e29702d9c6d87 Mon Sep 17 00:00:00 2001 From: Josha von Gizycki Date: Sat, 6 Mar 2021 22:11:45 +0100 Subject: [PATCH] list only schemas you have permissions for --- src/wanijo/infra/repl.clj | 9 ++++++++- src/wanijo/schema/db.clj | 11 +++++++---- src/wanijo/schema/middleware.clj | 22 +++++++++------------- src/wanijo/schema/view.clj | 2 +- 4 files changed, 25 insertions(+), 19 deletions(-) diff --git a/src/wanijo/infra/repl.clj b/src/wanijo/infra/repl.clj index e97124f..664f693 100644 --- a/src/wanijo/infra/repl.clj +++ b/src/wanijo/infra/repl.clj @@ -88,10 +88,17 @@ (defn init-version-2 [] (neo4j/exec-query! migrate-links {})) +(neo4j/defquery migrate-permissions + "MATCH (s:schema)-[:created_by]->(u:user) + MERGE (u)-[:permission {type:'write'}]->(s)") +(defn init-version-3 [] + (neo4j/exec-query! migrate-permissions {})) + (def migrations [init-version-0 init-version-1 - init-version-2]) + init-version-2 + init-version-3]) (defn run-migrations! [] (neo4j/exec-query! init-config {:now (neo4j/now-str)}) diff --git a/src/wanijo/schema/db.clj b/src/wanijo/schema/db.clj index 326f826..88bafa4 100644 --- a/src/wanijo/schema/db.clj +++ b/src/wanijo/schema/db.clj @@ -3,15 +3,16 @@ [wanijo.schema.domain :as domain] [clojure.spec.alpha :as spec])) -(neo4j/defquery all-created-by - "MATCH (s:schema)-[:created_by]->(u:user) +(neo4j/defquery all-readable-by + "MATCH (s:schema)-[p:permission]-(u:user) WHERE u.uuid = $uuid + AND p.type IN ['read', 'write'] RETURN s ORDER BY s.name") -(defn all-created-by! [user-uuid] +(defn all-readable-by! [user-uuid] (map :s (neo4j/exec-query! - all-created-by + all-readable-by {:uuid user-uuid}))) (neo4j/defquery all @@ -29,6 +30,8 @@ SET s.name = $name SET s.uuid = $s_uuid SET s.created_at = $created_at + WITH u, s + CREATE (u)-[:permission {type:'write'}]->(s) RETURN s") (defn create-new! [schema-name user-uuid] (->> 
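Review bot: The `all-readable-by` query in src/wanijo/schema/db.clj matches `(s:schema)-[p:permission]-(u:user)` without a direction, while both writers in this patch (the `migrate-permissions` migration and the create query) store the relationship as `(u)-[:permission {type:'write'}]->(s)`. An authorization query should match only the direction that grants access, for example `MATCH (u:user)-[p:permission]->(s:schema)`, so that an edge pointing the other way can never be read as a grant. Separately, a user holding both a 'read' and a 'write' edge on the same schema would get that schema back twice; `RETURN DISTINCT s` removes the duplicate rows. The permission types are repeated as string literals in three queries, so a short comment naming the allowed values ('read', 'write') next to `all-readable-by` would help keep them in sync.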
diff --git a/src/wanijo/schema/middleware.clj b/src/wanijo/schema/middleware.clj index b998924..68d93f7 100644 --- a/src/wanijo/schema/middleware.clj +++ b/src/wanijo/schema/middleware.clj @@ -8,7 +8,7 @@ (if-let [uuid (get-in req [:session :uuid])] (handler (assoc-in req [:session :schemas] - (db/accessible-schemas! uuid))) + (db/all-readable-by! uuid))) (handler req)))) (defn write-permission-middleware! [schema-fn] @@ -25,15 +25,11 @@ (write-permission-middleware! #(get-in % [:params :uuid]))) (defn wrap-allowed-to-read! - ([schema-fn] - (wrap-allowed-to-read! schema-fn - (fn [_] - (assoc (resp/redirect (path :schema-overview)) - :flash ["No read permission for schema"])))) - ([schema-fn not-allowed-fn] - (fn [handler] - (fn [req] - (let [uuid (schema-fn req)] - (if (db/has-user-read-permissions? uuid (-> req :session :uuid)) - (handler req) - (not-allowed-fn req))))))) + [schema-fn] + (fn [handler] + (fn [req] + (let [uuid (schema-fn req)] + (if (db/has-user-read-permissions? uuid (-> req :session :uuid)) + (handler req) + (assoc (resp/redirect (path :schema-overview)) + :flash ["No read permission for schema"])))))) diff --git a/src/wanijo/schema/view.clj b/src/wanijo/schema/view.clj index e499982..7af958d 100644 --- a/src/wanijo/schema/view.clj +++ b/src/wanijo/schema/view.clj @@ -13,7 +13,7 @@ (defn overview! [req] (let [session (:session req) uuid (:uuid session) - schemas (domain/all-created-by! uuid)] + schemas (domain/all-readable-by! uuid)] (view/layout :request req :content
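Review bot: In `wrap-allowed-to-read!`, `(-> req :session :uuid)` is handed to `db/has-user-read-permissions?` without checking that it is present, so a request with no session uuid reaches the permission check with a nil user, and whether that is denied depends entirely on the helper. The guard can fail closed on its own by binding `user-uuid` in the `let` and testing `(if (and user-uuid (db/has-user-read-permissions? uuid user-uuid))`. `has-user-read-permissions?` is not part of this diff, so it is worth confirming that it evaluates the same `permission` relationship and types as `all-readable-by`; otherwise the overview list and this per-schema check can disagree. Removing the two-argument arity also breaks any caller that still passes a `not-allowed-fn`; those call sites are outside the patch.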