Fix document not being available to delete permissions clause (#3555)
This commit is contained in:
parent
429ca31faa
commit
25c704a77f
2 changed files with 66 additions and 2 deletions
|
@ -37,7 +37,19 @@ impl<'a> Document<'a> {
|
||||||
// Disable permissions
|
// Disable permissions
|
||||||
let opt = &opt.new_with_perms(false);
|
let opt = &opt.new_with_perms(false);
|
||||||
// Process the PERMISSION clause
|
// Process the PERMISSION clause
|
||||||
if !e.compute(ctx, opt, txn, Some(&self.current)).await?.is_truthy() {
|
if !e
|
||||||
|
.compute(
|
||||||
|
ctx,
|
||||||
|
opt,
|
||||||
|
txn,
|
||||||
|
Some(match stm.is_delete() {
|
||||||
|
true => &self.initial,
|
||||||
|
false => &self.current,
|
||||||
|
}),
|
||||||
|
)
|
||||||
|
.await?
|
||||||
|
.is_truthy()
|
||||||
|
{
|
||||||
return Err(Error::Ignore);
|
return Err(Error::Ignore);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -6,7 +6,7 @@ use helpers::new_ds;
|
||||||
use surrealdb::dbs::{Action, Notification, Session};
|
use surrealdb::dbs::{Action, Notification, Session};
|
||||||
use surrealdb::err::Error;
|
use surrealdb::err::Error;
|
||||||
use surrealdb::iam::Role;
|
use surrealdb::iam::Role;
|
||||||
use surrealdb::sql::Value;
|
use surrealdb::sql::{Thing, Value};
|
||||||
|
|
||||||
#[tokio::test]
|
#[tokio::test]
|
||||||
async fn delete() -> Result<(), Error> {
|
async fn delete() -> Result<(), Error> {
|
||||||
|
@ -426,3 +426,55 @@ async fn delete_filtered_live_notification() -> Result<(), Error> {
|
||||||
);
|
);
|
||||||
Ok(())
|
Ok(())
|
||||||
}
|
}
|
||||||
|
|
||||||
|
#[tokio::test]
|
||||||
|
async fn delete_with_permissions() -> Result<(), Error> {
|
||||||
|
let sql = "
|
||||||
|
DEFINE TABLE friends_with PERMISSIONS FOR delete WHERE in = $auth;
|
||||||
|
CREATE user:john, user:mary;
|
||||||
|
RELATE user:john->friends_with:1->user:mary;
|
||||||
|
RELATE user:mary->friends_with:2->user:john;
|
||||||
|
";
|
||||||
|
let dbs = new_ds().await?.with_auth_enabled(true);
|
||||||
|
let ses = Session::owner().with_ns("test").with_db("test");
|
||||||
|
let res = &mut dbs.execute(sql, &ses, None).await?;
|
||||||
|
assert_eq!(res.len(), 4);
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result;
|
||||||
|
assert!(tmp.is_ok());
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result;
|
||||||
|
assert!(tmp.is_ok());
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result;
|
||||||
|
assert!(tmp.is_ok());
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result;
|
||||||
|
assert!(tmp.is_ok());
|
||||||
|
//
|
||||||
|
let sql = "
|
||||||
|
DELETE friends_with:1 RETURN BEFORE;
|
||||||
|
DELETE friends_with:2 RETURN BEFORE;
|
||||||
|
";
|
||||||
|
let ses = Session::for_scope("test", "test", "test", Thing::from(("user", "john")).into());
|
||||||
|
let res = &mut dbs.execute(sql, &ses, None).await?;
|
||||||
|
assert_eq!(res.len(), 2);
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result?;
|
||||||
|
let val = Value::parse(
|
||||||
|
"[
|
||||||
|
{
|
||||||
|
id: friends_with:1,
|
||||||
|
in: user:john,
|
||||||
|
out: user:mary,
|
||||||
|
},
|
||||||
|
]",
|
||||||
|
);
|
||||||
|
assert_eq!(tmp, val);
|
||||||
|
//
|
||||||
|
let tmp = res.remove(0).result?;
|
||||||
|
let val = Value::parse("[]");
|
||||||
|
assert_eq!(tmp, val);
|
||||||
|
//
|
||||||
|
Ok(())
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue