Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor(database,authorization,grpc-sdk): Mongo authz query aggregations #657

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

refactor(database,authorization,grpc-sdk): Mongo authz query aggregations #657

wants to merge 14 commits into from

Conversation

ChrisPdgn
Copy link
Contributor

@ChrisPdgn ChrisPdgn commented Jul 10, 2023
edited

This PR refactors the way we use access control in mongoose. Now, authorization module doesn't create views but returns authorized queries that calculate the accessible docs through aggregation.

What kind of change does this PR introduce?

  • Bugfix
  • Feature
  • Code style update
  • Refactor
  • Build-related changes
  • Other (please describe)

Does this PR introduce a breaking change?

  • Yes
  • No

The PR fulfills these requirements:

  • It's submitted to the main branch
  • When resolving a specific issue, it's referenced in the PR's description (e.g. fix #xxx, where "xxx" is the issue number)

If adding a new feature, the PR's description includes:

  • A convincing reason for adding this feature

Other information:

@ghost
Copy link

ghost commented Jul 10, 2023
edited by ghost

👇 Click on the image for a new way to code review

Review these changes using an interactive CodeSee Map

Legend

CodeSee Map legend

@ChrisPdgn ChrisPdgn marked this pull request as draft July 12, 2023 10:27
@ChrisPdgn ChrisPdgn marked this pull request as ready for review July 14, 2023 14:57
@kon14 kon14 changed the title refactor(database,authorization,grpc-sdk): refactor views in mongoose refactor(database,authorization,grpc-sdk): Mongo authz query aggregations Nov 20, 2023
@kon14
Copy link
Contributor

kon14 commented Nov 20, 2023

This seems to be working as expected.

We should ideally delete any View docs for Mongo users, but given how the gRPC API already exposed view creation we could be deleting non-authz ones explicitly created by the users themselves.

@kon14 kon14 marked this pull request as draft November 20, 2023 13:28
@kon14 kon14 marked this pull request as ready for review November 20, 2023 13:32
kkopanidis and others added 5 commits November 21, 2023 12:35
@kkopanidis
Merge branch 'main' into refactor-views
4e364cf
@kon14
Merge branch 'main' into refactor-views
664c841
@kon14
fix(database): mongo schema invalid authz query checks, descriptive e…
a51eeb5 
…rrors
@kon14
fix(database): query types, Authz check condition cleanups (#817)
375adeb 
* fix(database): parsedQuery types

* fix(database): sql/mongo null queries ignored due to authz checks

* fix(database): isNil checks not checking empty objects

* fix(database): null-less query types
@kkopanidis
Merge branch 'main' into refactor-views
f5c1d19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kon14 kon14 kon14 approved these changes

@kkopanidis kkopanidis Awaiting requested review from kkopanidis

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@ChrisPdgn @kon14 @kkopanidis