surrealpatch/lib/src/doc/allow.rs

use crate::ctx::Context;
use crate::dbs::Options;
use crate::dbs::Statement;
use crate::doc::Document;
use crate::err::Error;
use crate::sql::permission::Permission;

impl<'a> Document<'a> {
	pub async fn allow(
		&self,
		ctx: &Context<'_>,
		opt: &Options,
		stm: &Statement<'_>,
	) -> Result<(), Error> {
		// Check if this record exists
		if self.id.is_some() {
			// Should we run permissions checks?
			if opt.perms && opt.auth.perms() {
				// Clone transaction
				let txn = ctx.try_clone_transaction()?;
				// Get the table
				let tb = self.tb(opt, &txn).await?;
				// Get the permission clause
				let perms = if stm.is_delete() {
					&tb.permissions.delete
				} else if stm.is_select() {
					&tb.permissions.select
				} else if self.is_new() {
					&tb.permissions.create
				} else {
					&tb.permissions.update
				};
				// Process the table permissions
				match perms {
					Permission::None => return Err(Error::Ignore),
					Permission::Full => return Ok(()),
					Permission::Specific(e) => {
						// Disable permissions
						let opt = &opt.perms(false);
						let mut ctx = Context::new(ctx);
						ctx.add_cursor_doc(&self.current);
						// Process the PERMISSION clause
						if !e.compute(&ctx, opt).await?.is_truthy() {
							return Err(Error::Ignore);
						}
					}
				}
			}
		}
		// Carry on
		Ok(())
	}
}
Don’t clone variables when processing sub-contexts Closes SUR-53 When creating a new context for subqueries or statement clauses, we used to have to clone any variables/values, and freeze the context, so that it could be used across threads and async boundaries. Now with the new executor pattern for parallel queries, we can pass references instead, improving performance by removing unnecessary cloning of values. 2022-05-14 12:35:08 +00:00			`use crate::ctx::Context;`
Add initial iterator blueprint implementation 2022-02-06 01:14:56 +00:00			`use crate::dbs::Options;`
			`use crate::dbs::Statement;`
			`use crate::doc::Document;`
			`use crate::err::Error;`
Implement PERMISSIONS clauses 2022-04-05 20:41:49 +00:00			`use crate::sql::permission::Permission;`
Continue with initial code 2021-03-29 15:43:37 +00:00
Use copy-on-write semantics for document values Instead of blindly cloning document values (even if we don't need to mutate them), we now use copy-on-write semantics to only create a copy if we need to update a document value. This improves performance, especially when selecting documents. 2022-02-13 19:03:00 +00:00			`impl<'a> Document<'a> {`
Add initial iterator blueprint implementation 2022-02-06 01:14:56 +00:00			`pub async fn allow(`
			`&self,`
Don’t clone variables when processing sub-contexts Closes SUR-53 When creating a new context for subqueries or statement clauses, we used to have to clone any variables/values, and freeze the context, so that it could be used across threads and async boundaries. Now with the new executor pattern for parallel queries, we can pass references instead, improving performance by removing unnecessary cloning of values. 2022-05-14 12:35:08 +00:00			`ctx: &Context<'_>,`
Implement PERMISSIONS clauses 2022-04-05 20:41:49 +00:00			`opt: &Options,`
Don’t use static futures for parallel query execution Instead of using static futures when processing a query in parallel, we now use a new executor model, which allows us to process futures which make use of references. As a result, we can remove the need to store each statement in an Arc. 2022-05-13 20:46:56 +00:00			`stm: &Statement<'_>,`
Add initial iterator blueprint implementation 2022-02-06 01:14:56 +00:00			`) -> Result<(), Error> {`
Optimisation - only loop over document fields when processing PERMISSIONS clauses (#1890) 2023-04-29 23:23:19 +00:00			`// Check if this record exists`
			`if self.id.is_some() {`
			`// Should we run permissions checks?`
			`if opt.perms && opt.auth.perms() {`
Introduce query planner and indexing (#1899) 2023-06-19 18:41:13 +00:00			`// Clone transaction`
Feature - Search highlighting (#2132) 2023-06-21 18:31:15 +00:00			`let txn = ctx.try_clone_transaction()?;`
Optimisation - only loop over document fields when processing PERMISSIONS clauses (#1890) 2023-04-29 23:23:19 +00:00			`// Get the table`
Introduce query planner and indexing (#1899) 2023-06-19 18:41:13 +00:00			`let tb = self.tb(opt, &txn).await?;`
Optimisation - only loop over document fields when processing PERMISSIONS clauses (#1890) 2023-04-29 23:23:19 +00:00			`// Get the permission clause`
			`let perms = if stm.is_delete() {`
			`&tb.permissions.delete`
			`} else if stm.is_select() {`
			`&tb.permissions.select`
			`} else if self.is_new() {`
			`&tb.permissions.create`
			`} else {`
			`&tb.permissions.update`
			`};`
			`// Process the table permissions`
			`match perms {`
			`Permission::None => return Err(Error::Ignore),`
			`Permission::Full => return Ok(()),`
			`Permission::Specific(e) => {`
			`// Disable permissions`
			`let opt = &opt.perms(false);`
Introduce query planner and indexing (#1899) 2023-06-19 18:41:13 +00:00			`let mut ctx = Context::new(ctx);`
			`ctx.add_cursor_doc(&self.current);`
Optimisation - only loop over document fields when processing PERMISSIONS clauses (#1890) 2023-04-29 23:23:19 +00:00			`// Process the PERMISSION clause`
Introduce query planner and indexing (#1899) 2023-06-19 18:41:13 +00:00			`if !e.compute(&ctx, opt).await?.is_truthy() {`
Optimisation - only loop over document fields when processing PERMISSIONS clauses (#1890) 2023-04-29 23:23:19 +00:00			`return Err(Error::Ignore);`
			`}`
Implement PERMISSIONS clauses 2022-04-05 20:41:49 +00:00			`}`
			`}`
			`}`
			`}`
			`// Carry on`
Add initial iterator blueprint implementation 2022-02-06 01:14:56 +00:00			`Ok(())`
			`}`
			`}`