surrealpatch/sql/options.go

125 lines
2.5 KiB
Go
Raw Normal View History

// Copyright © 2016 Abcum Ltd
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package sql
import (
"github.com/abcum/fibre"
"github.com/abcum/surreal/cnf"
)
const (
// Root access
AuthKV int = iota
// Namespace access
AuthNS
// Database access
AuthDB
// Scoped user access
AuthTB
// No access
AuthNO
)
// options represents context runtime config.
type options struct {
kind int
auth map[string]string
conf map[string]string
}
func newOptions(c *fibre.Context) *options {
return &options{
kind: c.Get("kind").(int),
auth: c.Get("auth").(map[string]string),
conf: c.Get("conf").(map[string]string),
}
}
func (o *options) get(kind int) (kv, ns, db string, err error) {
kv = cnf.Settings.DB.Base
ns = o.conf["NS"]
db = o.conf["DB"]
if o.kind > kind {
err = &QueryError{}
return
}
if ns == "" || db == "" {
err = &BlankError{}
return
}
return
}
func (o *options) ns(ns string) (err error) {
// Check to see that the current user has
// the necessary access level to perform
// namespace switching / choosing.
if o.kind > AuthKV {
return &EntryError{}
}
// Check to see that the current user has
// the necessary authentcation privileges
// to be able to specify this namespace.
if o.auth["NS"] != "*" && o.auth["NS"] != ns {
return &EntryError{}
}
// Specify the NS on the context session, so
// that it is remembered across requests on
// any persistent connections.
o.conf["NS"] = ns
return
}
func (o *options) db(db string) (err error) {
// Check to see that the current user has
// the necessary access level to perform
// database switching / choosing.
if o.kind > AuthNS {
return &EntryError{}
}
// Check to see that the current user has
// the necessary authentcation privileges
// to be able to specify this namespace.
if o.auth["DB"] != "*" && o.auth["DB"] != db {
return &EntryError{}
}
// Specify the DB on the context session, so
// that it is remembered across requests on
// any persistent connections.
o.conf["DB"] = db
return
}