diff --git a/server/graphql-engine.cabal b/server/graphql-engine.cabal index c5a5a8eab32f3..b0d9c6ebae193 100644 --- a/server/graphql-engine.cabal +++ b/server/graphql-engine.cabal @@ -665,6 +665,13 @@ library , Hasura.Logging , Hasura.HTTP , Hasura.PingSources + + , Hasura.Authentication.Header + , Hasura.Authentication.Headers + , Hasura.Authentication.Role + , Hasura.Authentication.Session + , Hasura.Authentication.User + , Hasura.Server.API.Backend , Hasura.Server.API.Instances , Hasura.Server.API.Metadata @@ -722,7 +729,6 @@ library , Hasura.GraphQL.Logging.QueryLog , Hasura.GraphQL.Logging.ExecutionLog , Hasura.RQL.DML.Select - , Hasura.Session , Hasura.Server.API.Config , Hasura.Server.Metrics @@ -801,6 +807,7 @@ library , Hasura.RemoteSchema.SchemaCache.RemoteRelationship , Hasura.RemoteSchema.SchemaCache.Build , Hasura.RemoteSchema.SchemaCache + , Hasura.RQL.Types.Action , Hasura.RQL.Types.Allowlist , Hasura.RQL.Types.ApiLimit @@ -838,7 +845,6 @@ library , Hasura.RQL.Types.Relationships.Remote , Hasura.RQL.Types.Relationships.ToSource , Hasura.RQL.Types.ResultCustomization - , Hasura.RQL.Types.Roles , Hasura.RQL.Types.Roles.Internal , Hasura.RQL.Types.ResizePool , Hasura.RQL.Types.ScheduledTrigger @@ -848,7 +854,6 @@ library , Hasura.RQL.Types.SchemaCache.Instances , Hasura.RQL.Types.SchemaCacheTypes , Hasura.RQL.Types.Schema.Options - , Hasura.RQL.Types.Session , Hasura.RQL.Types.Source , Hasura.RQL.Types.Source.Column , Hasura.RQL.Types.Source.Table @@ -1182,6 +1187,7 @@ test-suite graphql-engine-tests Data.TimeSpec Data.TrieSpec Hasura.AppSpec + Hasura.Authentication.SessionSpec Hasura.Base.Error.TestInstances Hasura.Backends.BigQuery.SourceSpec Hasura.Backends.BigQuery.TypesSpec @@ -1248,7 +1254,6 @@ test-suite graphql-engine-tests Hasura.Server.InitSpec Hasura.Server.Init.ArgSpec Hasura.Server.ResourceCheckerSpec - Hasura.SessionSpec Hasura.SQL.BackendMapSpec Hasura.SQL.WKTSpec Hasura.Tracing.TraceIdSpec diff --git a/server/lib/test-harness/src/Harness/Webhook.hs b/server/lib/test-harness/src/Harness/Webhook.hs index e17fcfe0e7d8f..bde00118aee6b 100644 --- a/server/lib/test-harness/src/Harness/Webhook.hs +++ b/server/lib/test-harness/src/Harness/Webhook.hs @@ -23,9 +23,9 @@ import Data.Text.Extended ((<>>)) import Harness.Http qualified as Http import Harness.Test.TestResource (AcquiredResource (..), Managed, mkTestResource) import Harness.TestEnvironment (Server (..), serverUrl) +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error (iResultToMaybe) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName) import Hasura.Server.Utils (executeJSONPath, quoteRegex) import Network.HTTP.Client.Transformable qualified as HTTP import Network.Socket qualified as Socket diff --git a/server/src-lib/Data/Aeson/Kriti/Functions.hs b/server/src-lib/Data/Aeson/Kriti/Functions.hs index d7082a8a49a30..5bee69bde879c 100644 --- a/server/src-lib/Data/Aeson/Kriti/Functions.hs +++ b/server/src-lib/Data/Aeson/Kriti/Functions.hs @@ -13,8 +13,8 @@ import Data.Aeson qualified as J import Data.Environment qualified as Env import Data.HashMap.Strict qualified as HashMap import Data.Text qualified as T +import Hasura.Authentication.Session (SessionVariables, getSessionVariableValue, mkSessionVariable) import Hasura.Prelude -import Hasura.Session (SessionVariables, getSessionVariableValue, mkSessionVariable) import Kriti qualified import Kriti.CustomFunctions qualified as Kriti import Kriti.Error (SerializeError (serialize), SerializedError) diff --git a/server/src-lib/Hasura/App.hs b/server/src-lib/Hasura/App.hs index 076a0ca782acd..f62dd7966ff8f 100644 --- a/server/src-lib/Hasura/App.hs +++ b/server/src-lib/Hasura/App.hs @@ -87,6 +87,8 @@ import Database.PG.Query qualified as PG import Database.PG.Query qualified as Q import GHC.AssertNF.CPP import Hasura.App.State +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.User (ExtraUserInfo (..), UserInfo (..)) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.Postgres.Connection import Hasura.Base.Error @@ -131,7 +133,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.ResizePool -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.Source @@ -157,7 +158,6 @@ import Hasura.Server.Telemetry import Hasura.Server.Types import Hasura.Server.Version import Hasura.Services -import Hasura.Session import Hasura.ShutdownLatch import Hasura.Tracing import Network.HTTP.Client qualified as HTTP diff --git a/server/src-lib/Hasura/App/State.hs b/server/src-lib/Hasura/App/State.hs index f712b1afe33ce..4456f4576936d 100644 --- a/server/src-lib/Hasura/App/State.hs +++ b/server/src-lib/Hasura/App/State.hs @@ -28,6 +28,7 @@ import Control.Monad.Trans.Control (MonadBaseControl) import Data.Environment qualified as E import Data.HashSet qualified as Set import Database.PG.Query qualified as PG +import Hasura.Authentication.Role (RoleName) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error import Hasura.CredentialCache @@ -44,7 +45,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.NamingCase -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache (MetadataResourceVersion) import Hasura.Server.Auth diff --git a/server/src-lib/Hasura/Authentication/Header.hs b/server/src-lib/Hasura/Authentication/Header.hs new file mode 100644 index 0000000000000..14c73caa96182 --- /dev/null +++ b/server/src-lib/Hasura/Authentication/Header.hs @@ -0,0 +1,32 @@ +module Hasura.Authentication.Header + ( filterHeaders, + getRequestHeader, + mkSetCookieHeaders, + redactSensitiveHeader, + ) +where + +import Control.Lens +import Data.ByteString (ByteString) +import Data.HashSet qualified as HashSet +import Hasura.Authentication.Headers +import Hasura.Prelude +import Network.HTTP.Types qualified as HTTP +import Network.Wreq qualified as Wreq + +getRequestHeader :: HTTP.HeaderName -> [HTTP.Header] -> Maybe ByteString +getRequestHeader hdrName hdrs = snd <$> mHeader + where + mHeader = find (\h -> fst h == hdrName) hdrs + +filterHeaders :: HashSet HTTP.HeaderName -> [HTTP.Header] -> [HTTP.Header] +filterHeaders list = filter (\(n, _) -> not $ n `HashSet.member` list) + +redactSensitiveHeader :: HTTP.Header -> HTTP.Header +redactSensitiveHeader (headerName, value) = (headerName, if headerName `elem` sensitiveHeaders then "" else value) + +mkSetCookieHeaders :: Wreq.Response a -> HTTP.ResponseHeaders +mkSetCookieHeaders resp = + map (headerName,) $ resp ^.. Wreq.responseHeader headerName + where + headerName = "Set-Cookie" diff --git a/server/src-lib/Hasura/Authentication/Headers.hs b/server/src-lib/Hasura/Authentication/Headers.hs new file mode 100644 index 0000000000000..6c3b28140c359 --- /dev/null +++ b/server/src-lib/Hasura/Authentication/Headers.hs @@ -0,0 +1,76 @@ +module Hasura.Authentication.Headers + ( adminSecretHeader, + contentLengthHeader, + deprecatedAccessKeyHeader, + gzipHeader, + jsonHeader, + requestIdHeader, + sqlHeader, + useBackendOnlyPermissionsHeader, + userIdHeader, + userRoleHeader, + sensitiveHeaders, + commonClientHeadersIgnored, + ) +where + +import Data.HashSet qualified as HashSet +import Hasura.Prelude +import Network.HTTP.Types qualified as HTTP + +jsonHeader :: HTTP.Header +jsonHeader = ("Content-Type", "application/json; charset=utf-8") + +sqlHeader :: HTTP.Header +sqlHeader = ("Content-Type", "application/sql; charset=utf-8") + +gzipHeader :: HTTP.Header +gzipHeader = ("Content-Encoding", "gzip") + +userRoleHeader :: (IsString a) => a +userRoleHeader = "x-hasura-role" + +deprecatedAccessKeyHeader :: (IsString a) => a +deprecatedAccessKeyHeader = "x-hasura-access-key" + +adminSecretHeader :: (IsString a) => a +adminSecretHeader = "x-hasura-admin-secret" + +userIdHeader :: (IsString a) => a +userIdHeader = "x-hasura-user-id" + +requestIdHeader :: (IsString a) => a +requestIdHeader = "x-request-id" + +contentLengthHeader :: (IsString a) => a +contentLengthHeader = "Content-Length" + +useBackendOnlyPermissionsHeader :: (IsString a) => a +useBackendOnlyPermissionsHeader = "x-hasura-use-backend-only-permissions" + +sensitiveHeaders :: HashSet HTTP.HeaderName +sensitiveHeaders = + HashSet.fromList + [ "Access-Token", + "Authorization", + "Cookie" + ] + +-- ignore the following request headers from the client +commonClientHeadersIgnored :: (IsString a) => [a] +commonClientHeadersIgnored = + [ "Content-Length", + "Content-MD5", + "User-Agent", + "Host", + "Origin", + "Referer", + "Accept", + "Accept-Encoding", + "Accept-Language", + "Accept-Datetime", + "Cache-Control", + "Connection", + "DNT", + "Content-Type" + ] diff --git a/server/src-lib/Hasura/RQL/Types/Roles.hs b/server/src-lib/Hasura/Authentication/Role.hs similarity index 98% rename from server/src-lib/Hasura/RQL/Types/Roles.hs rename to server/src-lib/Hasura/Authentication/Role.hs index a9237b1da189b..49f7568cb4a38 100644 --- a/server/src-lib/Hasura/RQL/Types/Roles.hs +++ b/server/src-lib/Hasura/Authentication/Role.hs @@ -1,4 +1,4 @@ -module Hasura.RQL.Types.Roles +module Hasura.Authentication.Role ( DropInheritedRole (..), InheritedRole, ParentRoles (..), diff --git a/server/src-lib/Hasura/Authentication/Session.hs b/server/src-lib/Hasura/Authentication/Session.hs new file mode 100644 index 0000000000000..dce18b7f2b9b2 --- /dev/null +++ b/server/src-lib/Hasura/Authentication/Session.hs @@ -0,0 +1,154 @@ +module Hasura.Authentication.Session + ( SessionVariable, + SessionVariables (..), + SessionVariableValue, + parseSessionVariable, + sessionVariableToText, + mkSessionVariable, + mkSessionVariablesText, + isSessionVariable, + filterSessionVariables, + sessionVariableToGraphQLName, + sessionVariablesToHeaders, + mkSessionVariablesHeaders, + getSessionVariableValue, + getSessionVariablesSet, + getSessionVariables, + maybeRoleFromSessionVariables, + mkClientHeadersForward, + ) +where + +import Data.Aeson +import Data.Aeson.Types (Parser, toJSONKeyText) +import Data.CaseInsensitive qualified as CI +import Data.HashMap.Strict qualified as HashMap +import Data.HashSet qualified as HashSet +import Data.Text qualified as T +import Data.Text.Extended +import Hasura.Authentication.Header (filterHeaders) +import Hasura.Authentication.Headers (commonClientHeadersIgnored, userRoleHeader) +import Hasura.Authentication.Role (RoleName, mkRoleName) +import Hasura.Prelude +import Language.GraphQL.Draft.Syntax qualified as G +import Network.HTTP.Types qualified as HTTP + +newtype SessionVariable = SessionVariable {unSessionVariable :: CI.CI Text} + deriving (Show, Eq, Hashable, IsString, Data, NFData, Ord) + +instance ToJSON SessionVariable where + toJSON = toJSON . CI.original . unSessionVariable + +instance ToJSONKey SessionVariable where + toJSONKey = toJSONKeyText sessionVariableToText + +instance ToTxt SessionVariable where + toTxt = sessionVariableToText + +type SessionVariableValue = Text + +sessionVariablePrefix :: Text +sessionVariablePrefix = "x-hasura-" + +isSessionVariable :: Text -> Bool +{-# INLINE isSessionVariable #-} -- hope any redundant conversions vis a vis SessionVariable are eliminated +isSessionVariable = T.isPrefixOf sessionVariablePrefix . T.toCaseFold + +-- | A more efficient form of 'isSessionVariable', where applicable +isSessionVariableCI :: CI.CI Text -> Bool +{-# INLINE isSessionVariableCI #-} +isSessionVariableCI = T.isPrefixOf sessionVariablePrefix . CI.foldedCase + +parseSessionVariable :: Text -> Parser SessionVariable +parseSessionVariable t = + -- for performance we avoid isSessionVariable, doing just one case conversion + let sessionVar_dirty = mkSessionVariable t + in if sessionVariablePrefix `T.isPrefixOf` CI.foldedCase (unSessionVariable sessionVar_dirty) + then pure sessionVar_dirty + else fail $ show t <> " is not a Hasura session variable" + +instance FromJSON SessionVariable where + parseJSON = withText "String" parseSessionVariable + +instance FromJSONKey SessionVariable where + fromJSONKey = FromJSONKeyTextParser parseSessionVariable + +-- | in normalized, lower-case form +sessionVariableToText :: SessionVariable -> Text +sessionVariableToText = CI.foldedCase . unSessionVariable + +mkSessionVariable :: Text -> SessionVariable +mkSessionVariable = SessionVariable . CI.mk + +newtype SessionVariables = SessionVariables {unSessionVariables :: HashMap.HashMap SessionVariable SessionVariableValue} + deriving (Show, Eq, Hashable, Semigroup, Monoid) + +instance ToJSON SessionVariables where + toJSON (SessionVariables varMap) = + toJSON $ mapKeys sessionVariableToText varMap + +instance FromJSON SessionVariables where + parseJSON v = mkSessionVariablesText <$> parseJSON v + +mkSessionVariablesText :: HashMap.HashMap Text Text -> SessionVariables +mkSessionVariablesText = SessionVariables . mapKeys mkSessionVariable + +-- | Converts a `SessionVariable` value to a GraphQL name. +-- This will fail if the session variable contains characters that are not valid +-- for a graphql names. It is the caller's responsibility to decide what to do +-- in such a case. +sessionVariableToGraphQLName :: SessionVariable -> Maybe G.Name +sessionVariableToGraphQLName = G.mkName . T.replace "-" "_" . sessionVariableToText + +filterSessionVariables :: + (SessionVariable -> SessionVariableValue -> Bool) -> + SessionVariables -> + SessionVariables +filterSessionVariables f = SessionVariables . HashMap.filterWithKey f . unSessionVariables + +mkSessionVariablesHeaders :: [HTTP.Header] -> SessionVariables +mkSessionVariablesHeaders = + SessionVariables + . HashMap.fromList + . map (first SessionVariable) + . filter (isSessionVariableCI . fst) -- Only x-hasura-* headers + . map (CI.map bsToTxt *** bsToTxt) + +---- Something like this a little faster, but I expect some test failures +-- . map (lowerToTxt *** bsToTxt) +-- where +-- -- NOTE: this throws away the original, vs 'CI.map bsToTxt' +-- lowerToTxt = CI.unsafeMk . bsToTxt . CI.foldedCase + +sessionVariablesToHeaders :: SessionVariables -> [HTTP.Header] +sessionVariablesToHeaders = + map ((CI.map txtToBs . unSessionVariable) *** txtToBs) + . HashMap.toList + . unSessionVariables + +getSessionVariables :: SessionVariables -> [Text] +getSessionVariables = map sessionVariableToText . HashMap.keys . unSessionVariables + +getSessionVariablesSet :: SessionVariables -> HashSet SessionVariable +getSessionVariablesSet = HashMap.keysSet . unSessionVariables + +getSessionVariableValue :: SessionVariable -> SessionVariables -> Maybe SessionVariableValue +getSessionVariableValue k = HashMap.lookup k . unSessionVariables + +maybeRoleFromSessionVariables :: SessionVariables -> Maybe RoleName +maybeRoleFromSessionVariables sessionVariables = + -- returns Nothing if x-hasura-role is an empty string + getSessionVariableValue userRoleHeader sessionVariables >>= mkRoleName + +mkClientHeadersForward :: [HTTP.Header] -> [HTTP.Header] +mkClientHeadersForward reqHeaders = + xForwardedHeaders <> (filterVars . filterRequestHeaders) reqHeaders + where + filterRequestHeaders = filterHeaders $ HashSet.fromList commonClientHeadersIgnored + filterVars = filter (\(k, _) -> not $ isSessionVariable $ bsToTxt $ CI.original k) + xForwardedHeaders = flip mapMaybe reqHeaders $ \(hdrName, hdrValue) -> + case hdrName of + "Host" -> Just ("X-Forwarded-Host", hdrValue) + "User-Agent" -> Just ("X-Forwarded-User-Agent", hdrValue) + "Origin" -> Just ("X-Forwarded-Origin", hdrValue) + _ -> Nothing diff --git a/server/src-lib/Hasura/Authentication/User.hs b/server/src-lib/Hasura/Authentication/User.hs new file mode 100644 index 0000000000000..d6e26769288fb --- /dev/null +++ b/server/src-lib/Hasura/Authentication/User.hs @@ -0,0 +1,161 @@ +module Hasura.Authentication.User + ( UserAdminSecret (..), + BackendOnlyFieldAccess (..), + UserInfo (..), + UserInfoM (..), + ExtraUserInfo (..), + UserRoleBuild (..), + askCurRole, + adminUserInfo, + mkUserInfo, + ) +where + +import Data.Aeson +import Data.Char qualified as Char +import Data.HashMap.Strict qualified as HashMap +import Data.Text qualified as T +import Hasura.Authentication.Headers (adminSecretHeader, deprecatedAccessKeyHeader, useBackendOnlyPermissionsHeader, userRoleHeader) +import Hasura.Authentication.Role (RoleName, adminRoleName, roleNameToTxt) +import Hasura.Authentication.Session (SessionVariables (..), getSessionVariableValue, maybeRoleFromSessionVariables) +import Hasura.Base.Error (Code (..), QErr, throw400) +import Hasura.Prelude + +-- | Represent the admin secret state; whether the secret is sent +-- in the request or if actually authorization is not configured. +data UserAdminSecret + = UAdminSecretSent + | UAdminSecretNotSent + | UAuthNotSet + deriving (Show, Eq) + +-- | Represents the 'X-Hasura-Use-Backend-Only-Permissions' session variable +-- and request made with 'X-Hasura-Admin-Secret' if any auth configured. +-- For more details see Note [Backend only permissions] +data BackendOnlyFieldAccess + = BOFAAllowed + | BOFADisallowed + deriving (Show, Eq, Generic) + +instance FromJSON BackendOnlyFieldAccess where + parseJSON = genericParseJSON hasuraJSON + +instance ToJSON BackendOnlyFieldAccess where + toJSON = genericToJSON hasuraJSON + toEncoding = genericToEncoding hasuraJSON + +instance Hashable BackendOnlyFieldAccess + +data UserInfo = UserInfo + { _uiRole :: RoleName, + _uiSession :: SessionVariables, + _uiBackendOnlyFieldAccess :: BackendOnlyFieldAccess + } + deriving (Show, Eq, Generic) + +instance Hashable UserInfo + +instance FromJSON UserInfo where + parseJSON = genericParseJSON hasuraJSON + +instance ToJSON UserInfo where + toJSON = genericToJSON hasuraJSON + toEncoding = genericToEncoding hasuraJSON + +class (Monad m) => UserInfoM m where + askUserInfo :: m UserInfo + +instance (UserInfoM m) => UserInfoM (ReaderT r m) where + askUserInfo = lift askUserInfo + +instance (UserInfoM m) => UserInfoM (ExceptT r m) where + askUserInfo = lift askUserInfo + +instance (UserInfoM m) => UserInfoM (StateT s m) where + askUserInfo = lift askUserInfo + +-- | extra information used to identify a Hasura User +data ExtraUserInfo = ExtraUserInfo {_euiUserId :: Maybe Text} + deriving (Show, Eq, Generic) + +-- | Represents how to build a role from the session variables +data UserRoleBuild + = -- | Look for `x-hasura-role` session variable value and absence will raise an exception + URBFromSessionVariables + | -- | Look for `x-hasura-role` session variable value, if absent fall back to given role + URBFromSessionVariablesFallback !RoleName + | -- | Use only the pre-determined role + URBPreDetermined !RoleName + deriving (Show, Eq) + +askCurRole :: (UserInfoM m) => m RoleName +askCurRole = _uiRole <$> askUserInfo + +adminUserInfo :: UserInfo +adminUserInfo = UserInfo adminRoleName mempty BOFADisallowed + +-- | Build @'UserInfo' from @'SessionVariables' +mkUserInfo :: + forall m. + (MonadError QErr m) => + UserRoleBuild -> + UserAdminSecret -> + SessionVariables -> + m UserInfo +mkUserInfo roleBuild userAdminSecret sessionVariables = do + roleName <- case roleBuild of + URBFromSessionVariables -> + onNothing maybeSessionRole + $ throw400 InvalidParams + $ userRoleHeader + <> " not found in session variables" + URBFromSessionVariablesFallback roleName' -> pure $ fromMaybe roleName' maybeSessionRole + URBPreDetermined roleName' -> pure roleName' + backendOnlyFieldAccess <- getBackendOnlyFieldAccess + let modifiedSession = modifySessionVariables roleName sessionVariables + pure $ UserInfo roleName modifiedSession backendOnlyFieldAccess + where + maybeSessionRole = maybeRoleFromSessionVariables sessionVariables + + modifySessionVariables :: RoleName -> SessionVariables -> SessionVariables + modifySessionVariables roleName = + SessionVariables + . HashMap.insert userRoleHeader (roleNameToTxt roleName) + . HashMap.delete adminSecretHeader + . HashMap.delete deprecatedAccessKeyHeader + . unSessionVariables + + getBackendOnlyFieldAccess :: m BackendOnlyFieldAccess + getBackendOnlyFieldAccess = case userAdminSecret of + UAdminSecretNotSent -> pure BOFADisallowed + UAdminSecretSent -> lookForBackendOnlyPermissionsConfig + UAuthNotSet -> lookForBackendOnlyPermissionsConfig + where + lookForBackendOnlyPermissionsConfig = + case getSessionVariableValue useBackendOnlyPermissionsHeader sessionVariables of + Nothing -> pure BOFADisallowed + Just varVal -> + case parseStringAsBool (T.unpack varVal) of + Left err -> + throw400 BadRequest + $ useBackendOnlyPermissionsHeader + <> ": " + <> T.pack err + Right privilege -> pure $ if privilege then BOFAAllowed else BOFADisallowed + + parseStringAsBool :: String -> Either String Bool + parseStringAsBool t + | map Char.toLower t `elem` truthVals = Right True + | map Char.toLower t `elem` falseVals = Right False + | otherwise = Left errMsg + where + truthVals = ["true", "t", "yes", "y"] + falseVals = ["false", "f", "no", "n"] + + errMsg = + " Not a valid boolean text. " + ++ "True values are " + ++ show truthVals + ++ " and False values are " + ++ show falseVals + ++ ". All values are case insensitive" diff --git a/server/src-lib/Hasura/Backends/BigQuery/DDL.hs b/server/src-lib/Hasura/Backends/BigQuery/DDL.hs index 63fbb3f1e2957..c65f1be8f9d2d 100644 --- a/server/src-lib/Hasura/Backends/BigQuery/DDL.hs +++ b/server/src-lib/Hasura/Backends/BigQuery/DDL.hs @@ -10,6 +10,8 @@ module Hasura.Backends.BigQuery.DDL where import Data.Aeson +import Hasura.Authentication.Headers (userIdHeader) +import Hasura.Authentication.Session (SessionVariable, isSessionVariable, mkSessionVariable) import Hasura.Backends.BigQuery.DDL.BoolExp import Hasura.Backends.BigQuery.DDL.ComputedField as M import Hasura.Backends.BigQuery.DDL.Source as M @@ -27,7 +29,6 @@ import Hasura.RQL.Types.NamingCase import Hasura.RQL.Types.SchemaCache import Hasura.SQL.Types import Hasura.Server.Utils -import Hasura.Session import Hasura.Table.Cache fetchAndValidateEnumValues :: diff --git a/server/src-lib/Hasura/Backends/BigQuery/Instances/Execute.hs b/server/src-lib/Hasura/Backends/BigQuery/Instances/Execute.hs index 27312482085b9..a13a5c807023c 100644 --- a/server/src-lib/Hasura/Backends/BigQuery/Instances/Execute.hs +++ b/server/src-lib/Hasura/Backends/BigQuery/Instances/Execute.hs @@ -11,6 +11,7 @@ import Data.Text qualified as T import Data.Text.Lazy qualified as LT import Data.Text.Lazy.Builder qualified as LT import Data.Vector qualified as V +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.BigQuery.Execute qualified as DataLoader import Hasura.Backends.BigQuery.FromIr qualified as BigQuery import Hasura.Backends.BigQuery.Plan @@ -39,7 +40,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (HeaderPrecedence, TraceQueryStatus) -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Client as HTTP import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/BigQuery/Instances/Transport.hs b/server/src-lib/Hasura/Backends/BigQuery/Instances/Transport.hs index e8486f5775e35..2a5334ee5fd00 100644 --- a/server/src-lib/Hasura/Backends/BigQuery/Instances/Transport.hs +++ b/server/src-lib/Hasura/Backends/BigQuery/Instances/Transport.hs @@ -4,6 +4,7 @@ module Hasura.Backends.BigQuery.Instances.Transport () where import Control.Monad.Trans.Control import Data.Aeson qualified as J +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.BigQuery.Instances.Execute () import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error @@ -28,7 +29,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.SQL.AnyBackend (AnyBackend) import Hasura.Server.Types (RequestId) -import Hasura.Session import Hasura.Tracing instance BackendTransport 'BigQuery where diff --git a/server/src-lib/Hasura/Backends/BigQuery/Plan.hs b/server/src-lib/Hasura/Backends/BigQuery/Plan.hs index b75ea49e365d2..a1e5d55be0f58 100644 --- a/server/src-lib/Hasura/Backends/BigQuery/Plan.hs +++ b/server/src-lib/Hasura/Backends/BigQuery/Plan.hs @@ -12,6 +12,8 @@ import Data.List.NonEmpty qualified as NE import Data.Map.Strict qualified as Map import Data.Text.Extended import Data.Text.Lazy qualified as LT +import Hasura.Authentication.Session (SessionVariables) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.BigQuery.DDL (scalarTypeFromColumnType) import Hasura.Backends.BigQuery.FromIr as BigQuery import Hasura.Backends.BigQuery.Types @@ -21,7 +23,6 @@ import Hasura.RQL.IR import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column qualified as RQL import Hasura.SQL.Types -import Hasura.Session -------------------------------------------------------------------------------- -- Top-level planner diff --git a/server/src-lib/Hasura/Backends/DataConnector/Adapter/ConfigTransform.hs b/server/src-lib/Hasura/Backends/DataConnector/Adapter/ConfigTransform.hs index 0ffb8018f0b8b..48443dd0fe683 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Adapter/ConfigTransform.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Adapter/ConfigTransform.hs @@ -16,6 +16,7 @@ import Data.List (isPrefixOf) import Data.Text qualified as Text import Data.Text.Encoding qualified as Text import Data.Text.Extended qualified as Text +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.DataConnector.API (ConfigSchemaResponse) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.Types (ConnSourceConfig (..), SourceConfig (..)) @@ -23,7 +24,6 @@ import Hasura.Backends.DataConnector.Adapter.Types qualified as DC import Hasura.Base.Error (Code (..), QErr, internalError, throw400) import Hasura.Prelude import Hasura.RQL.Types.Common as Common -import Hasura.Session (SessionVariables) import Kriti.Error qualified as Kriti import System.Directory (canonicalizePath) diff --git a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Execute.hs b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Execute.hs index 4860a5353efbc..0d465c72ad809 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Execute.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Execute.hs @@ -11,6 +11,7 @@ where import Data.Aeson qualified as J import Data.ByteString.Lazy qualified as BL import Data.Text.Encoding qualified as TE +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.ConfigTransform (transformSourceConfig) import Hasura.Backends.DataConnector.Adapter.Types (SourceConfig (..)) @@ -29,7 +30,6 @@ import Hasura.RQL.IR.ModelInformation import Hasura.RQL.Types.BackendType (BackendType (DataConnector)) import Hasura.RQL.Types.Common qualified as RQL import Hasura.SQL.AnyBackend (mkAnyBackend) -import Hasura.Session import Hasura.Tracing (MonadTrace, SpanKind (..)) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Metadata.hs b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Metadata.hs index 740ca46f09d14..52a8d76db7202 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Metadata.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Metadata.hs @@ -21,6 +21,8 @@ import Data.Semigroup.Foldable (Foldable1 (..)) import Data.Sequence qualified as Seq import Data.Sequence.NonEmpty qualified as NESeq import Data.Text.Extended (toTxt, (<<>), (<>>)) +import Hasura.Authentication.Headers (userIdHeader) +import Hasura.Authentication.Session (SessionVariable, isSessionVariable, mkSessionVariable) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.API.V0 (FunctionInfo (_fiDescription, _fiName)) import Hasura.Backends.DataConnector.API.V0.Table qualified as DC (TableType (..)) @@ -83,7 +85,6 @@ import Hasura.SQL.Types (CollectableType (..)) import Hasura.Server.Migrate.Version (SourceCatalogMigrationState (..)) import Hasura.Server.Utils qualified as HSU import Hasura.Services.Network -import Hasura.Session (SessionVariable, mkSessionVariable) import Hasura.Table.Cache (ForeignKey (_fkConstraint)) import Hasura.Table.Cache qualified as RQL.T.T import Hasura.Tracing (ignoreTraceT) @@ -610,8 +611,8 @@ parseCollectableType' :: m (PartialSQLExp 'DataConnector) parseCollectableType' collectableType = \case J.String t - | HSU.isSessionVariable t -> pure $ mkTypedSessionVar collectableType $ mkSessionVariable t - | HSU.isReqUserId t -> pure $ mkTypedSessionVar collectableType HSU.userIdHeader + | isSessionVariable t -> pure $ mkTypedSessionVar collectableType $ mkSessionVariable t + | HSU.isReqUserId t -> pure $ mkTypedSessionVar collectableType userIdHeader val -> case collectableType of CollectableTypeScalar columnType -> PSESQLExp . DC.ValueLiteral (columnTypeToScalarType columnType) <$> RQL.T.C.parseScalarValueColumnType columnType val diff --git a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Transport.hs b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Transport.hs index f54f89e5f7d60..cdcbcd973b30a 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Adapter/Transport.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Adapter/Transport.hs @@ -9,6 +9,7 @@ import Control.Exception.Safe (throwIO) import Control.Monad.Trans.Control import Data.Aeson qualified as J import Data.Text.Extended ((<>>)) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Adapter.Execute (DataConnectorPreparedQuery (..), encodePreparedQueryToJsonText) import Hasura.Backends.DataConnector.Adapter.Types (SourceConfig (..)) import Hasura.Backends.DataConnector.Agent.Client (AgentClientContext (..), AgentClientT, AgentLicenseKey (..), runAgentClientT) @@ -26,7 +27,6 @@ import Hasura.RQL.Types.Backend (ResolvedConnectionTemplate) import Hasura.RQL.Types.BackendType (BackendType (DataConnector)) import Hasura.SQL.AnyBackend (AnyBackend) import Hasura.Server.Types (RequestId) -import Hasura.Session (UserInfo) import Hasura.Tracing qualified as Tracing -------------------------------------------------------------------------------- diff --git a/server/src-lib/Hasura/Backends/DataConnector/Plan/Common.hs b/server/src-lib/Hasura/Backends/DataConnector/Plan/Common.hs index 72e542884cad6..64071570b8a9c 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Plan/Common.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Plan/Common.hs @@ -53,6 +53,7 @@ import Data.Text qualified as T import Data.Text.Encoding qualified as TE import Data.Text.Extended (toTxt, (<<>), (<>>)) import Data.Tuple (swap) +import Hasura.Authentication.Session (SessionVariable, SessionVariables, getSessionVariableValue) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.Backend import Hasura.Backends.DataConnector.Adapter.Types @@ -71,7 +72,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.Relationships.Local (RelInfo (..), RelMapping (..), RelTarget (..)) import Hasura.SQL.AnyBackend qualified as AB import Hasura.SQL.Types (CollectableType (..)) -import Hasura.Session import Numeric (showIntAtBase) import Witch qualified diff --git a/server/src-lib/Hasura/Backends/DataConnector/Plan/MutationPlan.hs b/server/src-lib/Hasura/Backends/DataConnector/Plan/MutationPlan.hs index 0916da4205651..c4736e0b5a7fa 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Plan/MutationPlan.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Plan/MutationPlan.hs @@ -11,6 +11,7 @@ import Data.Semigroup.Foldable (toNonEmpty) import Data.Set (Set) import Data.Set qualified as Set import Data.Text.Extended (toTxt) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.Backend import Hasura.Backends.DataConnector.Adapter.Types @@ -33,7 +34,6 @@ import Hasura.RQL.IR.Value import Hasura.RQL.Types.BackendType (BackendType (..)) import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common -import Hasura.Session (SessionVariables) import Language.GraphQL.Draft.Syntax qualified as G import Witch qualified diff --git a/server/src-lib/Hasura/Backends/DataConnector/Plan/QueryPlan.hs b/server/src-lib/Hasura/Backends/DataConnector/Plan/QueryPlan.hs index a472936ca4d51..7b046f48f136a 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Plan/QueryPlan.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Plan/QueryPlan.hs @@ -22,6 +22,7 @@ import Data.List.NonEmpty qualified as NE import Data.Semigroup (Min (..)) import Data.Set qualified as Set import Data.Text.Extended (toTxt) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.DataConnector.API (Target (TInterpolated)) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.Backend @@ -38,7 +39,6 @@ import Hasura.RQL.IR.Value import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G import Witch qualified diff --git a/server/src-lib/Hasura/Backends/DataConnector/Plan/RemoteRelationshipPlan.hs b/server/src-lib/Hasura/Backends/DataConnector/Plan/RemoteRelationshipPlan.hs index ab758ac704bf9..31654db22b9c9 100644 --- a/server/src-lib/Hasura/Backends/DataConnector/Plan/RemoteRelationshipPlan.hs +++ b/server/src-lib/Hasura/Backends/DataConnector/Plan/RemoteRelationshipPlan.hs @@ -16,6 +16,7 @@ import Data.List.NonEmpty qualified as NE import Data.Set qualified as Set import Data.Text qualified as Text import Data.Text.Extended (toTxt) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.DataConnector.API qualified as API import Hasura.Backends.DataConnector.Adapter.Types import Hasura.Backends.DataConnector.Plan.Common @@ -27,7 +28,6 @@ import Hasura.RQL.IR.Select import Hasura.RQL.IR.Value import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G import Witch qualified diff --git a/server/src-lib/Hasura/Backends/MSSQL/DDL.hs b/server/src-lib/Hasura/Backends/MSSQL/DDL.hs index b34239f669bfd..7b4460a9d5811 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/DDL.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/DDL.hs @@ -18,6 +18,8 @@ module Hasura.Backends.MSSQL.DDL where import Data.Aeson +import Hasura.Authentication.Headers (userIdHeader) +import Hasura.Authentication.Session (SessionVariable, isSessionVariable, mkSessionVariable) import Hasura.Backends.MSSQL.DDL.BoolExp as M import Hasura.Backends.MSSQL.DDL.Source as M import Hasura.Backends.MSSQL.Types.Internal qualified as MT @@ -34,8 +36,7 @@ import Hasura.RQL.Types.EventTrigger import Hasura.RQL.Types.NamingCase import Hasura.RQL.Types.SchemaCache import Hasura.SQL.Types -import Hasura.Server.Utils -import Hasura.Session +import Hasura.Server.Utils (isReqUserId) import Hasura.StoredProcedure.Types import Hasura.Table.Cache import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/Backends/MSSQL/DDL/EventTrigger.hs b/server/src-lib/Hasura/Backends/MSSQL/DDL/EventTrigger.hs index 1a8c42f65c4be..07d54439286ce 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/DDL/EventTrigger.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/DDL/EventTrigger.hs @@ -49,6 +49,7 @@ import Data.Time.Format.ISO8601 (iso8601Show) import Database.MSSQL.Transaction (TxE, TxET, multiRowQueryE, singleRowQueryE, unitQueryE) import Database.ODBC.SQLServer (Datetime2 (..), Datetimeoffset (..), rawUnescapedText, toSql) import Database.ODBC.TH qualified as ODBC +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.DDL.Source.Version import Hasura.Backends.MSSQL.SQL.Error qualified as HGE @@ -66,7 +67,6 @@ import Hasura.RQL.Types.Eventing (EventId (..), OpVar (..)) import Hasura.RQL.Types.Source import Hasura.SQL.Types import Hasura.Server.Types -import Hasura.Session import Hasura.Table.Cache (PrimaryKey (..)) import Hasura.Tracing qualified as Tracing import Text.Builder qualified as TB diff --git a/server/src-lib/Hasura/Backends/MSSQL/Execute/Delete.hs b/server/src-lib/Hasura/Backends/MSSQL/Execute/Delete.hs index 8c103c0928a0b..6759eabc8a205 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Execute/Delete.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Execute/Delete.hs @@ -11,6 +11,7 @@ where import Data.Tuple.Extra (both) import Database.MSSQL.Transaction qualified as Tx +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.Execute.QueryTags import Hasura.Backends.MSSQL.FromIr as TSQL @@ -34,7 +35,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common (SourceName (..)) import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.Session -- | Executes a Delete IR AST and return results as JSON. executeDelete :: diff --git a/server/src-lib/Hasura/Backends/MSSQL/Execute/Insert.hs b/server/src-lib/Hasura/Backends/MSSQL/Execute/Insert.hs index 77d74b8197480..e3c364bd81fdf 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Execute/Insert.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Execute/Insert.hs @@ -11,6 +11,7 @@ where import Data.HashMap.Strict qualified as HashMap import Database.MSSQL.Transaction qualified as Tx +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.Execute.QueryTags (withQueryTags) import Hasura.Backends.MSSQL.FromIr as TSQL @@ -38,7 +39,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common (SourceName (..)) import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.Session -- | Execute and insert/upsert mutation against MS SQL Server. -- See the documentation for 'buildInsertTx' to see how it's done. diff --git a/server/src-lib/Hasura/Backends/MSSQL/Execute/Update.hs b/server/src-lib/Hasura/Backends/MSSQL/Execute/Update.hs index a34b1ab892fe2..3012e62e39332 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Execute/Update.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Execute/Update.hs @@ -10,6 +10,7 @@ module Hasura.Backends.MSSQL.Execute.Update where import Database.MSSQL.Transaction qualified as Tx +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.Execute.QueryTags import Hasura.Backends.MSSQL.FromIr as TSQL @@ -36,7 +37,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common (SourceName (..)) import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.Session -- | Executes an Update IR AST and return results as JSON. executeUpdate :: diff --git a/server/src-lib/Hasura/Backends/MSSQL/Instances/Execute.hs b/server/src-lib/Hasura/Backends/MSSQL/Instances/Execute.hs index 9e457428208cd..94c391e532d2d 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Instances/Execute.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Instances/Execute.hs @@ -27,6 +27,8 @@ import Data.Text.Extended import Data.Text.Extended qualified as T import Database.MSSQL.Transaction qualified as Tx import Database.ODBC.SQLServer qualified as ODBC +import Hasura.Authentication.Session (SessionVariables, filterSessionVariables, getSessionVariables) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.Execute.Delete import Hasura.Backends.MSSQL.Execute.Insert @@ -56,7 +58,6 @@ import Hasura.RQL.Types.Common as RQLTypes import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (HeaderPrecedence, TraceQueryStatus) -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Client as HTTP import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/MSSQL/Instances/Transport.hs b/server/src-lib/Hasura/Backends/MSSQL/Instances/Transport.hs index 685dcf18b1658..c3622775504e1 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Instances/Transport.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Instances/Transport.hs @@ -16,6 +16,7 @@ import Data.Text.Encoding (encodeUtf8) import Data.Text.Extended import Database.MSSQL.Transaction (forJsonQueryE) import Database.ODBC.SQLServer qualified as ODBC +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Backends.MSSQL.Connection import Hasura.Backends.MSSQL.Execute.QueryTags (withQueryTags) @@ -37,7 +38,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.SQL.AnyBackend (AnyBackend) import Hasura.Server.Types (RequestId) -import Hasura.Session import Hasura.Tracing instance BackendTransport 'MSSQL where diff --git a/server/src-lib/Hasura/Backends/MSSQL/Plan.hs b/server/src-lib/Hasura/Backends/MSSQL/Plan.hs index d255e4583132d..b70770de2a4ab 100644 --- a/server/src-lib/Hasura/Backends/MSSQL/Plan.hs +++ b/server/src-lib/Hasura/Backends/MSSQL/Plan.hs @@ -30,6 +30,7 @@ import Data.List.NonEmpty qualified as NE import Data.Text qualified as T import Data.Text.Extended import Database.ODBC.SQLServer qualified as ODBC +import Hasura.Authentication.Session (SessionVariable, SessionVariables, getSessionVariableValue, getSessionVariablesSet, sessionVariableToText) import Hasura.Backends.MSSQL.FromIr import Hasura.Backends.MSSQL.FromIr.Query (fromQueryRootField, fromSourceRelationship) import Hasura.Backends.MSSQL.Types.Internal @@ -41,7 +42,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column qualified as RQL import Hasura.RQL.Types.Common qualified as RQL import Hasura.SQL.Types -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/Postgres/Connection/MonadTx.hs b/server/src-lib/Hasura/Backends/Postgres/Connection/MonadTx.hs index 18af8f465b55d..83f71e8766097 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Connection/MonadTx.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Connection/MonadTx.hs @@ -37,6 +37,8 @@ import Data.Aeson.Extended import Data.Time.Clock.Compat () import Database.PG.Query qualified as PG import Database.PG.Query.Connection qualified as PG +import Hasura.Authentication.Session (SessionVariables) +import Hasura.Authentication.User (UserInfo (..), UserInfoM (..)) import Hasura.Backends.Postgres.Execute.Types as ET import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types @@ -44,7 +46,6 @@ import Hasura.Base.Error import Hasura.Base.Instances () import Hasura.Prelude import Hasura.SQL.Types -import Hasura.Session import Hasura.Tracing qualified as Tracing import Test.QuickCheck.Instances.Semigroup () import Test.QuickCheck.Instances.Time () diff --git a/server/src-lib/Hasura/Backends/Postgres/DDL.hs b/server/src-lib/Hasura/Backends/Postgres/DDL.hs index 98d9aac5d1032..325ef681ee90f 100644 --- a/server/src-lib/Hasura/Backends/Postgres/DDL.hs +++ b/server/src-lib/Hasura/Backends/Postgres/DDL.hs @@ -10,6 +10,8 @@ module Hasura.Backends.Postgres.DDL where import Data.Aeson +import Hasura.Authentication.Headers (userIdHeader) +import Hasura.Authentication.Session (SessionVariable, isSessionVariable, mkSessionVariable) import Hasura.Backends.Postgres.DDL.BoolExp as M import Hasura.Backends.Postgres.DDL.ComputedField as M import Hasura.Backends.Postgres.DDL.EventTrigger as M @@ -26,8 +28,7 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column import Hasura.SQL.Types -import Hasura.Server.Utils -import Hasura.Session +import Hasura.Server.Utils (isReqUserId) parseCollectableType :: forall pgKind m. diff --git a/server/src-lib/Hasura/Backends/Postgres/DDL/EventTrigger.hs b/server/src-lib/Hasura/Backends/Postgres/DDL/EventTrigger.hs index 254a40485192b..9e5b64825e9fa 100644 --- a/server/src-lib/Hasura/Backends/Postgres/DDL/EventTrigger.hs +++ b/server/src-lib/Hasura/Backends/Postgres/DDL/EventTrigger.hs @@ -48,6 +48,7 @@ import Data.Text.Lazy qualified as TL import Data.Time (UTCTime) import Data.Time.Clock qualified as Time import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.SQL.DML import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -69,7 +70,6 @@ import Hasura.Server.Migrate.Internal import Hasura.Server.Migrate.LatestVersion import Hasura.Server.Migrate.Version import Hasura.Server.Types -import Hasura.Session import Hasura.Table.Cache (PrimaryKey) import Hasura.Tracing qualified as Tracing import Text.Builder qualified as TB diff --git a/server/src-lib/Hasura/Backends/Postgres/DDL/RunSQL.hs b/server/src-lib/Hasura/Backends/Postgres/DDL/RunSQL.hs index 846a8467384fe..1597ba4189b23 100644 --- a/server/src-lib/Hasura/Backends/Postgres/DDL/RunSQL.hs +++ b/server/src-lib/Hasura/Backends/Postgres/DDL/RunSQL.hs @@ -26,6 +26,7 @@ import Data.HashSet qualified as HS import Data.List.NonEmpty qualified as NE import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfoM (..)) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.DDL.EventTrigger import Hasura.Backends.Postgres.DDL.Source @@ -57,7 +58,6 @@ import Hasura.RQL.Types.SchemaCacheTypes import Hasura.RQL.Types.Source import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Utils (quoteRegex) -import Hasura.Session import Hasura.Table.Cache import Hasura.Tracing qualified as Tracing import Text.Regex.TDFA qualified as TDFA diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/ConnectionTemplate.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/ConnectionTemplate.hs index f57ab0477414b..d164f3771efc3 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/ConnectionTemplate.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/ConnectionTemplate.hs @@ -23,9 +23,9 @@ import Data.Aeson.KeyMap qualified as KM import Data.CaseInsensitive qualified as CI import Data.HashMap.Strict qualified as HashMap import Data.Text.Extended +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.Postgres.Connection.Settings import Hasura.Prelude -import Hasura.Session (SessionVariables) import Kriti.Eval qualified as Kriti import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/Insert.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/Insert.hs index 12df94e109f85..b55f00bcd73aa 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/Insert.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/Insert.hs @@ -21,6 +21,7 @@ import Data.Sequence qualified as Seq import Data.Text qualified as T import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.Execute.Mutation qualified as PGE import Hasura.Backends.Postgres.SQL.DML qualified as Postgres @@ -50,7 +51,6 @@ import Hasura.RQL.Types.NamingCase (NamingCase) import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.Server.Types (HeaderPrecedence) -import Hasura.Session import Hasura.Tracing qualified as Tracing import Network.HTTP.Client.Transformable qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/Mutation.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/Mutation.hs index c71f927f243ab..146e7fc9181f7 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/Mutation.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/Mutation.hs @@ -40,6 +40,8 @@ import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.List.Extended qualified as LE import Data.Sequence qualified as DS import Database.PG.Query qualified as PG +import Hasura.Authentication.Session (mkClientHeadersForward) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types hiding (TableName) @@ -77,8 +79,6 @@ import Hasura.RQL.Types.NamingCase (NamingCase) import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.Server.Types (HeaderPrecedence (..)) -import Hasura.Server.Utils -import Hasura.Session import Hasura.Tracing (b3TraceContextPropagator) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/Prepare.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/Prepare.hs index 88e2b57c58ef0..74f7ae5d9384d 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/Prepare.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/Prepare.hs @@ -25,28 +25,20 @@ import Data.HashMap.Strict qualified as HashMap import Data.IntMap qualified as IntMap import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.Session (SessionVariables, getSessionVariableValue, sessionVariableToText) +import Hasura.Authentication.User (UserInfo (_uiSession)) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Value import Hasura.Backends.Postgres.Translate.Column import Hasura.Backends.Postgres.Types.Column -import Hasura.Base.Error - ( Code (NotFound), - QErr, - throw400, - ) +import Hasura.Base.Error (Code (NotFound), QErr, throw400) import Hasura.GraphQL.Execute.Backend import Hasura.GraphQL.Parser.Names import Hasura.Prelude import Hasura.RQL.IR.Value import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column -import Hasura.Session - ( SessionVariables, - UserInfo (_uiSession), - getSessionVariableValue, - sessionVariableToText, - ) import Language.GraphQL.Draft.Syntax qualified as G type PlanVariables = HashMap.HashMap PlanVariable Int diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/Subscription.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/Subscription.hs index 16749f05977f1..3cb193d79d9aa 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/Subscription.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/Subscription.hs @@ -31,6 +31,8 @@ import Data.HashSet qualified as Set import Data.Semigroup.Generic import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.Session (SessionVariable, SessionVariables, getSessionVariableValue, getSessionVariablesSet, sessionVariableToText) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Error @@ -53,7 +55,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.Schema.Options (RemoveEmptySubscriptionResponses (..)) import Hasura.RQL.Types.Subscription import Hasura.SQL.Types -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G ---------------------------------------------------------------------------------------------------- diff --git a/server/src-lib/Hasura/Backends/Postgres/Execute/Types.hs b/server/src-lib/Hasura/Backends/Postgres/Execute/Types.hs index 606d5f7bfb2f6..fad5e2418d83e 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Execute/Types.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Execute/Types.hs @@ -45,6 +45,9 @@ import Data.Text.Extended (toTxt) import Database.PG.Query qualified as PG import Database.PG.Query.Class () import Database.PG.Query.Connection qualified as PG +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (SessionVariables (..), getSessionVariableValue, maybeRoleFromSessionVariables) +import Hasura.Authentication.User (UserInfo (_uiRole, _uiSession)) import Hasura.Backends.Postgres.Connection.Settings (ConnectionTemplate (..), PostgresConnectionSetMemberName) import Hasura.Backends.Postgres.Execute.ConnectionTemplate import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -56,10 +59,7 @@ import Hasura.Prelude import Hasura.RQL.IR.BoolExp.RemoteRelationshipPredicate import Hasura.RQL.Types.Common (SourceName) import Hasura.RQL.Types.ResizePool -import Hasura.RQL.Types.Roles (adminRoleName) -import Hasura.RQL.Types.Session (SessionVariables (..)) import Hasura.SQL.Types (ExtensionsSchema, toSQL) -import Hasura.Session (UserInfo (_uiRole, _uiSession), getSessionVariableValue, maybeRoleFromSessionVariables) import Kriti.Error qualified as Kriti import Kriti.Parser qualified as Kriti import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/Postgres/Instances/Execute.hs b/server/src-lib/Hasura/Backends/Postgres/Instances/Execute.hs index c0debc6880cc0..f6b7058e3fb17 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Instances/Execute.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Instances/Execute.hs @@ -22,6 +22,7 @@ import Data.IntMap qualified as IntMap import Data.Sequence qualified as Seq import Data.Tuple.Extra (both) import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.Execute.ConnectionTemplate (QueryContext (..), QueryOperationType (..)) import Hasura.Backends.Postgres.Execute.Insert (convertToSQLTransaction, validateInsertInput, validateInsertRows) @@ -93,7 +94,6 @@ import Hasura.RQL.Types.Permission (ValidateInput (..), ValidateInputHttpDefinit import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (HeaderPrecedence, TraceQueryStatus (TraceQueryEnabled)) -import Hasura.Session (UserInfo (..)) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Client qualified as HTTP diff --git a/server/src-lib/Hasura/Backends/Postgres/Instances/Transport.hs b/server/src-lib/Hasura/Backends/Postgres/Instances/Transport.hs index 665b19778dd8d..8181701e3c403 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Instances/Transport.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Instances/Transport.hs @@ -16,6 +16,7 @@ import Data.ByteString qualified as B import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.Execute.Subscription qualified as PGL @@ -45,7 +46,6 @@ import Hasura.RQL.Types.BackendTag (HasTag) import Hasura.RQL.Types.BackendType import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (RequestId) -import Hasura.Session import Hasura.Tracing instance diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/BoolExp.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/BoolExp.hs index 71f15d7c3ec5b..445acd55199d9 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/BoolExp.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/BoolExp.hs @@ -11,6 +11,7 @@ where import Data.HashMap.Strict qualified as HashMap import Data.Text.Extended (ToTxt, toTxt) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types hiding (TableName) import Hasura.Backends.Postgres.Types.BoolExp @@ -26,7 +27,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Session (UserInfo (..)) import Hasura.SQL.AnyBackend qualified as AB import Hasura.SQL.Types import Hasura.Table.Cache () diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Delete.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Delete.hs index 710cc674925f3..2d660de3ab790 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Delete.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Delete.hs @@ -8,6 +8,7 @@ module Hasura.Backends.Postgres.Translate.Delete ) where +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.Translate.BoolExp import Hasura.Base.Error (QErr) @@ -16,7 +17,6 @@ import Hasura.RQL.IR.BoolExp import Hasura.RQL.IR.Delete import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType -import Hasura.RQL.Types.Session (UserInfo) mkDelete :: (Backend ('Postgres pgKind), MonadIO m, MonadError QErr m) => diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Insert.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Insert.hs index 0567bd8b4e0a3..577595f1873c7 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Insert.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Insert.hs @@ -9,6 +9,7 @@ module Hasura.Backends.Postgres.Translate.Insert ) where +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.BoolExp @@ -18,7 +19,6 @@ import Hasura.Prelude import Hasura.RQL.IR.Insert import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType -import Hasura.RQL.Types.Session (UserInfo) mkInsertCTE :: (Backend ('Postgres pgKind), MonadIO m, MonadError QErr m) => diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Returning.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Returning.hs index 5bb861bae4e25..177ad6057eb96 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Returning.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Returning.hs @@ -15,6 +15,7 @@ module Hasura.Backends.Postgres.Translate.Returning where import Data.Coerce +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.Select @@ -31,7 +32,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common import Hasura.RQL.Types.NamingCase (NamingCase) import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.RQL.Types.Session (UserInfo) import Hasura.Table.Cache -- | The postgres common table expression (CTE) for mutation queries. diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Aggregate.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Aggregate.hs index 81f3cb06b8355..ed4b3a20a28b7 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Aggregate.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Aggregate.hs @@ -8,6 +8,7 @@ module Hasura.Backends.Postgres.Translate.Select.Aggregate where import Database.PG.Query (Query) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML (BoolExp (BELit), Select) import Hasura.Backends.Postgres.SQL.Types (IsIdentifier (toIdentifier)) import Hasura.Backends.Postgres.Translate.Select.AnnotatedFieldJSON @@ -21,7 +22,6 @@ import Hasura.RQL.IR.Select (AnnAggregateSelect, AnnSelectG (_asnStrfyNum)) import Hasura.RQL.Types.Backend (Backend) import Hasura.RQL.Types.BackendType (BackendType (Postgres)) import Hasura.RQL.Types.Common (FieldName (FieldName)) -import Hasura.RQL.Types.Session (UserInfo) -- | Translates IR to Postgres queries for aggregated SELECTs. -- diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Connection.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Connection.hs index 97ebe6fb57299..776e319c81f49 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Connection.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Connection.hs @@ -8,6 +8,7 @@ where -- import Control.Monad.Writer (runWriter) import Database.PG.Query (Query) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.Select.AnnotatedFieldJSON @@ -24,7 +25,6 @@ import Hasura.RQL.IR.Select import Hasura.RQL.Types.Backend (Backend) import Hasura.RQL.Types.BackendType (BackendType (Postgres)) import Hasura.RQL.Types.Common (FieldName (FieldName)) -import Hasura.RQL.Types.Session (UserInfo) -- | Translates IR to Postgres queries for "connection" queries (used for Relay). -- diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Extractor.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Extractor.hs index bfa0c7950dc29..c6a2bb7dbbbf5 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Extractor.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Extractor.hs @@ -13,6 +13,7 @@ where import Control.Monad.Extra (concatMapM) import Data.List.NonEmpty qualified as NE +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.BoolExp (withRedactionExp) @@ -28,7 +29,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common -import Hasura.RQL.Types.Session (UserInfo) -- | Creates node extractors for all of the columns and computed fields used in aggregated fields. -- The ColumnAliases for all the extractors are namespaced aliases using the 'contextualize*` functions diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/OrderBy.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/OrderBy.hs index 26be4ab564012..c165f4ef9d36d 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/OrderBy.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/OrderBy.hs @@ -7,6 +7,7 @@ where import Control.Lens ((^?)) import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.List.NonEmpty qualified as NE +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types ( IsIdentifier (toIdentifier), @@ -56,7 +57,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.ComputedField import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.RQL.Types.Session (UserInfo) {- Note [Optimizing queries using limit/offset] ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Process.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Process.hs index 7961dca69924a..be2fd5df42ac9 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Process.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Internal/Process.hs @@ -28,6 +28,7 @@ import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.List.NonEmpty qualified as NE import Data.Text.Extended (ToTxt (toTxt)) import Data.Text.NonEmpty qualified as TNE +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.BoolExp (toSQLBoolExp, withRedactionExp) @@ -88,7 +89,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.NamingCase (NamingCase) import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Schema.Options qualified as Options -import Hasura.RQL.Types.Session (UserInfo) processSelectParams :: forall pgKind m. diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Simple.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Simple.hs index 14e8994b05b74..5ab2c859c63ed 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Simple.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Simple.hs @@ -9,6 +9,7 @@ where -- import Control.Monad.Writer.Strict (runWriter) import Database.PG.Query (Query) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types (IsIdentifier (toIdentifier)) import Hasura.Backends.Postgres.Translate.Select.AnnotatedFieldJSON @@ -29,7 +30,6 @@ import Hasura.RQL.Types.Common ( FieldName (FieldName), JsonAggSelect, ) -import Hasura.RQL.Types.Session (UserInfo) -- | Translates IR to Postgres queries for simple SELECTs (select queries that -- are not aggregations, including subscriptions). diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Streaming.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Streaming.hs index ba66338e2bb51..b1648c5419bf1 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Streaming.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Select/Streaming.hs @@ -13,6 +13,7 @@ module Hasura.Backends.Postgres.Translate.Select.Streaming where import Database.PG.Query (Query) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.SQL.Value (withConstructorFn) @@ -54,7 +55,6 @@ import Hasura.RQL.Types.Common JsonAggSelect (JASMultipleRows), getFieldNameTxt, ) -import Hasura.RQL.Types.Session (UserInfo) import Hasura.RQL.Types.Subscription ( CursorOrdering (CODescending), ) diff --git a/server/src-lib/Hasura/Backends/Postgres/Translate/Update.hs b/server/src-lib/Hasura/Backends/Postgres/Translate/Update.hs index 1649882e5437b..e197ce58bfb6b 100644 --- a/server/src-lib/Hasura/Backends/Postgres/Translate/Update.hs +++ b/server/src-lib/Hasura/Backends/Postgres/Translate/Update.hs @@ -8,6 +8,7 @@ module Hasura.Backends.Postgres.Translate.Update where import Data.HashMap.Strict qualified as HashMap +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Translate.BoolExp @@ -22,7 +23,6 @@ import Hasura.RQL.IR.Update.Batch import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column -import Hasura.RQL.Types.Session (UserInfo) import Hasura.SQL.Types data UpdateCTE diff --git a/server/src-lib/Hasura/Eventing/Backend.hs b/server/src-lib/Hasura/Eventing/Backend.hs index e3f3e0338503b..b642899268a38 100644 --- a/server/src-lib/Hasura/Eventing/Backend.hs +++ b/server/src-lib/Hasura/Eventing/Backend.hs @@ -7,6 +7,7 @@ import Control.Monad.Trans.Control (MonadBaseControl) import Data.Aeson import Data.Set.NonEmpty qualified as NE import Data.Time.Clock qualified as Time +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.MSSQL.DDL.EventTrigger qualified as MSSQL import Hasura.Backends.Postgres.DDL.EventTrigger qualified as Postgres import Hasura.Base.Error @@ -17,7 +18,6 @@ import Hasura.RQL.Types.Column (ColumnInfo) import Hasura.RQL.Types.Common import Hasura.RQL.Types.EventTrigger import Hasura.RQL.Types.Eventing -import Hasura.RQL.Types.Session (UserInfo) import Hasura.RQL.Types.Source import Hasura.Server.Types (MaintenanceMode) import Hasura.Table.Cache (PrimaryKey) diff --git a/server/src-lib/Hasura/Eventing/HTTP.hs b/server/src-lib/Hasura/Eventing/HTTP.hs index 5a9de97514b2f..f655a850fcca0 100644 --- a/server/src-lib/Hasura/Eventing/HTTP.hs +++ b/server/src-lib/Hasura/Eventing/HTTP.hs @@ -60,6 +60,7 @@ import Data.Text qualified as T import Data.Text.Encoding qualified as TE import Data.Text.Encoding.Error qualified as TE import Data.URL.Template (mkPlainTemplate, printTemplate) +import Hasura.Authentication.Session (SessionVariables) import Hasura.HTTP import Hasura.Logging import Hasura.Prelude @@ -69,7 +70,6 @@ import Hasura.RQL.Types.EventTrigger import Hasura.RQL.Types.Eventing import Hasura.RQL.Types.Headers import Hasura.Server.Types (TriggersErrorLogLevelStatus, isTriggersErrorLogLevelEnabled) -import Hasura.Session (SessionVariables) import Hasura.Tracing import Network.HTTP.Client.Transformable qualified as HTTP diff --git a/server/src-lib/Hasura/Function/API.hs b/server/src-lib/Hasura/Function/API.hs index 73060008f9020..2c8bd0f9c79ba 100644 --- a/server/src-lib/Hasura/Function/API.hs +++ b/server/src-lib/Hasura/Function/API.hs @@ -26,6 +26,7 @@ import Data.Aeson import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Function.Cache @@ -39,7 +40,6 @@ import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Backend import Hasura.RQL.Types.Metadata.Instances () import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.SQL.AnyBackend qualified as AB diff --git a/server/src-lib/Hasura/Function/Cache.hs b/server/src-lib/Hasura/Function/Cache.hs index 86a28fbc134c5..4fb6d66072b26 100644 --- a/server/src-lib/Hasura/Function/Cache.hs +++ b/server/src-lib/Hasura/Function/Cache.hs @@ -41,11 +41,11 @@ import Data.List.Extended as LE import Data.Sequence qualified as Seq import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Prelude import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common -import Hasura.RQL.Types.Roles (RoleName) import Language.GraphQL.Draft.Syntax qualified as G import Language.Haskell.TH.Syntax diff --git a/server/src-lib/Hasura/GraphQL/Execute.hs b/server/src-lib/Hasura/GraphQL/Execute.hs index bc05c6b4b3e32..9a05a758eb74a 100644 --- a/server/src-lib/Hasura/GraphQL/Execute.hs +++ b/server/src-lib/Hasura/GraphQL/Execute.hs @@ -26,6 +26,8 @@ import Data.HashSet qualified as HS import Data.List (elemIndex) import Data.Monoid (Endo (..)) import Data.Tagged qualified as Tagged +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.User (BackendOnlyFieldAccess (..), UserInfo (..)) import Hasura.Backends.Postgres.Execute.Types import Hasura.Base.Error import Hasura.EncJSON @@ -57,7 +59,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.OpenTelemetry (getOtelTracesPropagator) -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options (RemoveEmptySubscriptionResponses (..)) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.Subscription @@ -66,7 +67,6 @@ import Hasura.Server.Init qualified as Init import Hasura.Server.Prometheus (PrometheusMetrics) import Hasura.Server.Types (HeaderPrecedence, MonadGetPolicies, ReadOnlyMode (..), RequestId (..), TraceQueryStatus) import Hasura.Services -import Hasura.Session (BackendOnlyFieldAccess (..), UserInfo (..)) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/Execute/Action.hs b/server/src-lib/Hasura/GraphQL/Execute/Action.hs index 1b833e53c6b14..79fbcd010165c 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Action.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Action.hs @@ -41,6 +41,10 @@ import Data.Text.Extended import Data.Text.NonEmpty import Database.PG.Query qualified as PG import Hasura.App.State +import Hasura.Authentication.Header (mkSetCookieHeaders) +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (SessionVariables, mkClientHeadersForward) +import Hasura.Authentication.User (UserInfo, _uiRole, _uiSession) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.Execute.Prepare import Hasura.Backends.Postgres.Execute.Types @@ -77,17 +81,11 @@ import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.Eventing import Hasura.RQL.Types.Headers (HeaderConf) import Hasura.RQL.Types.OpenTelemetry (getOtelTracesPropagator) -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache import Hasura.Server.Init.Config (OptionalInterval (..), ResponseInternalErrorsConfig (..), shouldIncludeInternal) import Hasura.Server.Prometheus (PrometheusMetrics (..)) import Hasura.Server.Types (HeaderPrecedence (..)) -import Hasura.Server.Utils - ( mkClientHeadersForward, - mkSetCookieHeaders, - ) -import Hasura.Session (SessionVariables, UserInfo, _uiRole, _uiSession) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Client.Transformable qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/Execute/Action/Types.hs b/server/src-lib/Hasura/GraphQL/Execute/Action/Types.hs index 0c50b794accaf..91f724e5dda48 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Action/Types.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Action/Types.hs @@ -19,6 +19,7 @@ import Control.Monad.Trans.Control (MonadBaseControl) import Data.Aeson qualified as J import Data.Aeson.Casing qualified as J import Data.Int (Int64) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Base.Error import Hasura.EncJSON import Hasura.GraphQL.Transport.HTTP.Protocol @@ -31,7 +32,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.Headers (HeaderConf) -import Hasura.Session import Hasura.Tracing qualified as Tracing import Network.HTTP.Client.Transformable qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/Execute/Backend.hs b/server/src-lib/Hasura/GraphQL/Execute/Backend.hs index ac2045bd0a5b8..7f81ef9007e5a 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Backend.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Backend.hs @@ -19,6 +19,7 @@ import Data.Environment qualified as Env import Data.Kind (Type) import Data.Text.Extended import Data.Text.NonEmpty (mkNonEmptyTextUnsafe) +import Hasura.Authentication.User (UserInfo) import Hasura.Base.Error import Hasura.EncJSON import Hasura.GraphQL.Execute.Action.Types (ActionExecutionPlan) @@ -43,7 +44,6 @@ import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RemoteSchema.SchemaCache import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types -import Hasura.Session import Hasura.Tracing (MonadTrace) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Execute/Common.hs b/server/src-lib/Hasura/GraphQL/Execute/Common.hs index 1b42c98274a9f..baab3958c65f9 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Common.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Common.hs @@ -4,6 +4,7 @@ module Hasura.GraphQL.Execute.Common where import Data.Aeson.Ordered qualified as JO +import Hasura.Authentication.User (UserInfo) import Hasura.Base.Error import Hasura.GraphQL.Execute.Backend import Hasura.GraphQL.Transport.HTTP.Protocol @@ -12,7 +13,6 @@ import Hasura.RQL.Types.GraphqlSchemaIntrospection import Hasura.RQL.Types.SchemaCache import Hasura.Server.Init (AllowListStatus) import Hasura.Server.Types (RequestId) -import Hasura.Session import Hasura.Tracing qualified as Tracing import Network.HTTP.Types qualified as HTTP import Network.Wai.Extended qualified as Wai diff --git a/server/src-lib/Hasura/GraphQL/Execute/Mutation.hs b/server/src-lib/Hasura/GraphQL/Execute/Mutation.hs index bd1db12bf887a..97c224662c60e 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Mutation.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Mutation.hs @@ -8,6 +8,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Tagged qualified as Tagged import Data.Text.Extended (toTxt, (<>>)) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Base.Error import Hasura.GraphQL.Context import Hasura.GraphQL.Execute.Action @@ -39,7 +40,6 @@ import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Prometheus (PrometheusMetrics (..)) import Hasura.Server.Types import Hasura.Services -import Hasura.Session import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/Execute/Query.hs b/server/src-lib/Hasura/GraphQL/Execute/Query.hs index a2ab01ff641d9..0c2a2cc884c48 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Query.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Query.hs @@ -10,6 +10,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Tagged qualified as Tagged import Data.Text.Extended (toTxt, (<>>)) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Base.Error import Hasura.GraphQL.Context import Hasura.GraphQL.Execute.Action @@ -41,7 +42,6 @@ import Hasura.Server.Init.Config (ResponseInternalErrorsConfig (..)) import Hasura.Server.Prometheus (PrometheusMetrics (..)) import Hasura.Server.Types (HeaderPrecedence, MonadGetPolicies, RequestId (..), TraceQueryStatus) import Hasura.Services.Network -import Hasura.Session import Hasura.Tracing (MonadTrace) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Execute/Remote.hs b/server/src-lib/Hasura/GraphQL/Execute/Remote.hs index 9571f307d33d2..f9095ae0e4808 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Remote.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Remote.hs @@ -14,6 +14,8 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashSet qualified as Set import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Session (getSessionVariableValue, sessionVariableToGraphQLName, sessionVariableToText) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Base.Error import Hasura.GraphQL.Execute.Backend import Hasura.GraphQL.Execute.RemoteJoin.Types (RemoteJoins) @@ -25,7 +27,6 @@ import Hasura.RQL.IR.RemoteSchema qualified as IR import Hasura.RQL.Types.Relationships.Remote import Hasura.RQL.Types.ResultCustomization import Hasura.RemoteSchema.SchemaCache -import Hasura.Session import Language.GraphQL.Draft.Syntax qualified as G getVariableDefinitionAndValue :: Variable -> (G.VariableDefinition, (G.Name, J.Value)) diff --git a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Join.hs b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Join.hs index 5b5943e52ee6d..58aa6b60adea1 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Join.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Join.hs @@ -17,6 +17,7 @@ import Data.IntMap.Strict qualified as IntMap import Data.Text qualified as T import Data.Text.Extended (ToTxt (..)) import Data.Tuple (swap) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error import Hasura.CredentialCache @@ -40,7 +41,6 @@ import Hasura.RemoteSchema.SchemaCache import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (MonadGetPolicies, RequestId, TraceQueryStatus) import Hasura.Services.Network -import Hasura.Session import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/RemoteSchema.hs b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/RemoteSchema.hs index 2a23b1ad6c2fc..b53d744028b6f 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/RemoteSchema.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/RemoteSchema.hs @@ -31,6 +31,7 @@ import Data.List.NonEmpty qualified as NE import Data.Text qualified as T import Data.Text.Extended (commaSeparated, toTxt, (<<>), (<>>)) import Data.Validation (Validation (..), toEither) +import Hasura.Authentication.User (UserInfo) import Hasura.Base.Error import Hasura.Base.ErrorMessage (fromErrorMessage) import Hasura.GraphQL.Execute.Remote @@ -46,7 +47,6 @@ import Hasura.RQL.IR.RemoteSchema (convertSelectionSet) import Hasura.RQL.Types.Common import Hasura.RQL.Types.ResultCustomization import Hasura.RemoteSchema.SchemaCache -import Hasura.Session import Hasura.Tracing (MonadTrace) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Source.hs b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Source.hs index ce590a4f82116..e560e4f438b3c 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Source.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/RemoteJoin/Source.hs @@ -33,6 +33,7 @@ import Data.Scientific qualified as Scientific import Data.Text qualified as T import Data.Text.Extended ((<<>), (<>>)) import Data.Text.Read qualified as TR +import Hasura.Authentication.User (UserInfo) import Hasura.Base.Error import Hasura.GraphQL.Execute.Backend qualified as EB import Hasura.GraphQL.Execute.Instances () @@ -46,7 +47,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.Common import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types -import Hasura.Session import Hasura.Tracing (MonadTrace) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Plan.hs b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Plan.hs index b3f85a1bbed8d..83ad3c5102102 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Plan.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Plan.hs @@ -128,13 +128,13 @@ import Data.UUID qualified as UUID import Data.UUID.V4 qualified as UUID import Database.PG.Query qualified as PG import Database.PG.Query.PTI qualified as PTI +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Session (SessionVariable, SessionVariables, filterSessionVariables) import Hasura.Backends.Postgres.SQL.Value import Hasura.EncJSON import Hasura.Prelude import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType -import Hasura.RQL.Types.Roles (RoleName) -import Hasura.Session (SessionVariable, SessionVariables, filterSessionVariables) import Language.GraphQL.Draft.Syntax qualified as G import PostgreSQL.Binary.Encoding qualified as PE diff --git a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/Common.hs b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/Common.hs index 84eb041b9694e..8d93df7b798d5 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/Common.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/Common.hs @@ -58,6 +58,7 @@ import Data.Text (unpack) import Data.Time.Clock qualified as Clock import Data.UUID qualified as UUID import Data.UUID.V4 qualified as UUID +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error (QErr, showQErr) import Hasura.GraphQL.Execute.Subscription.Options import Hasura.GraphQL.Execute.Subscription.Plan @@ -70,7 +71,6 @@ import Hasura.Logging qualified as L import Hasura.Prelude import Hasura.RQL.Types.Backend import Hasura.RQL.Types.Common (SourceName) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Subscription (SubscriptionType) import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Types (RequestId) diff --git a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/LiveQuery.hs b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/LiveQuery.hs index 9fa56532e44cb..9a3b7192bc9a5 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/LiveQuery.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/LiveQuery.hs @@ -17,6 +17,7 @@ import Data.List.Split (chunksOf) import Data.Monoid (Endo (..), Sum (..)) import Data.Text.Extended import GHC.AssertNF.CPP +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.GraphQL.Execute.Backend import Hasura.GraphQL.Execute.Subscription.Options @@ -36,7 +37,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendTag (backendTag, reify) import Hasura.RQL.Types.BackendType (BackendType (..), PostgresKind (Vanilla)) import Hasura.RQL.Types.Common (SourceName) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Subscription (SubscriptionType (..)) import Hasura.Server.Logging (ModelInfo (..), ModelInfoLog (..)) import Hasura.Server.Prometheus (PrometheusMetrics (..), SubscriptionMetrics (..), liveQuerySubscriptionLabel, recordSubscriptionMetric) diff --git a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/StreamingQuery.hs b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/StreamingQuery.hs index ca552f1bd7a97..74052503a0f08 100644 --- a/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/StreamingQuery.hs +++ b/server/src-lib/Hasura/GraphQL/Execute/Subscription/Poll/StreamingQuery.hs @@ -18,6 +18,7 @@ import Data.List.Split (chunksOf) import Data.Monoid (Endo (..), Sum (..)) import Data.Text.Extended import GHC.AssertNF.CPP +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.GraphQL.Execute.Backend import Hasura.GraphQL.Execute.Subscription.Options @@ -37,7 +38,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendTag (backendTag, reify) import Hasura.RQL.Types.BackendType (BackendType (..), PostgresKind (Vanilla)) import Hasura.RQL.Types.Common (SourceName) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Subscription (SubscriptionType (..)) import Hasura.SQL.Value (TxtEncodedVal (..)) import Hasura.Server.Logging (ModelInfo (..), ModelInfoLog (..)) diff --git a/server/src-lib/Hasura/GraphQL/Explain.hs b/server/src-lib/Hasura/GraphQL/Explain.hs index 44f89aa7a9a21..2df747247f476 100644 --- a/server/src-lib/Hasura/GraphQL/Explain.hs +++ b/server/src-lib/Hasura/GraphQL/Explain.hs @@ -8,6 +8,9 @@ import Control.Monad.Trans.Control (MonadBaseControl) import Data.Aeson qualified as J import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (mkSessionVariablesText) +import Hasura.Authentication.User (UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkUserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error import Hasura.CredentialCache @@ -30,12 +33,10 @@ import Hasura.Metadata.Class import Hasura.Prelude import Hasura.QueryTags import Hasura.RQL.IR -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache import Hasura.SQL.AnyBackend qualified as AB import Hasura.Server.Init.Config (ResponseInternalErrorsConfig) -import Hasura.Session (UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkSessionVariablesText, mkUserInfo) import Hasura.Tracing (MonadTrace) import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/GraphQL/RemoteServer.hs b/server/src-lib/Hasura/GraphQL/RemoteServer.hs index 0e88113ffedb1..0a7b91ebf0ac7 100644 --- a/server/src-lib/Hasura/GraphQL/RemoteServer.hs +++ b/server/src-lib/Hasura/GraphQL/RemoteServer.hs @@ -22,6 +22,10 @@ import Data.HashSet qualified as Set import Data.List.Extended (duplicates) import Data.Text qualified as T import Data.Text.Extended (dquoteList, (<<>)) +import Hasura.Authentication.Header (mkSetCookieHeaders) +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (mkClientHeadersForward, sessionVariablesToHeaders) +import Hasura.Authentication.User (UserInfo, adminUserInfo, _uiSession) import Hasura.Base.Error import Hasura.GraphQL.Parser.Monad (Parse) import Hasura.GraphQL.Parser.Name qualified as GName @@ -33,13 +37,10 @@ import Hasura.HTTP import Hasura.Prelude import Hasura.RQL.DDL.Headers (makeHeadersFromConf) import Hasura.RQL.Types.Common -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RemoteSchema.Metadata import Hasura.RemoteSchema.SchemaCache.Types -import Hasura.Server.Utils import Hasura.Services.Network -import Hasura.Session (UserInfo, adminUserInfo, sessionVariablesToHeaders, _uiSession) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Parser qualified as G import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Schema.hs b/server/src-lib/Hasura/GraphQL/Schema.hs index 2025e6393de73..0b020bc320cfa 100644 --- a/server/src-lib/Hasura/GraphQL/Schema.hs +++ b/server/src-lib/Hasura/GraphQL/Schema.hs @@ -19,6 +19,7 @@ import Data.List.Extended (duplicates) import Data.Text.Extended import Data.Text.NonEmpty qualified as NT import Database.PG.Query.Pool qualified as PG +import Hasura.Authentication.Role (RoleName, adminRoleName, mkRoleNameSafe) import Hasura.Base.Error import Hasura.Base.ErrorMessage import Hasura.Base.ToErrorValue @@ -61,7 +62,6 @@ import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleNameSafe) import Hasura.RQL.Types.Schema.Options (SchemaOptions (..)) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache hiding (askTableInfo) diff --git a/server/src-lib/Hasura/GraphQL/Schema/Action.hs b/server/src-lib/Hasura/GraphQL/Schema/Action.hs index 60e543ebfb1fe..de0da05a49881 100644 --- a/server/src-lib/Hasura/GraphQL/Schema/Action.hs +++ b/server/src-lib/Hasura/GraphQL/Schema/Action.hs @@ -13,6 +13,7 @@ import Data.Aeson.KeyMap qualified as KM import Data.HashMap.Strict qualified as HashMap import Data.Text.Extended import Data.Text.NonEmpty +import Hasura.Authentication.Role (adminRoleName) import Hasura.Backends.Postgres.Instances.Schema () import Hasura.Backends.Postgres.SQL.Types import Hasura.Backends.Postgres.Types.Column @@ -42,7 +43,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.NamingCase import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.AnyBackend qualified as AB import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Schema/Common.hs b/server/src-lib/Hasura/GraphQL/Schema/Common.hs index 0207ca8ceedf3..9e92a884df5be 100644 --- a/server/src-lib/Hasura/GraphQL/Schema/Common.hs +++ b/server/src-lib/Hasura/GraphQL/Schema/Common.hs @@ -80,6 +80,7 @@ import Data.Text qualified as T import Data.Text.Casing (GQLNameIdentifier) import Data.Text.Casing qualified as C import Data.Text.Extended +import Hasura.Authentication.Role (RoleName, adminRoleName) import Hasura.Backends.Postgres.SQL.Types qualified as Postgres import Hasura.Base.Error import Hasura.Function.Cache @@ -99,7 +100,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.Common import Hasura.RQL.Types.ComputedField.Name (ComputedFieldName) import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.Schema.Options (SchemaOptions) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache hiding (askTableInfo) diff --git a/server/src-lib/Hasura/GraphQL/Schema/RemoteRelationship.hs b/server/src-lib/Hasura/GraphQL/Schema/RemoteRelationship.hs index b6603149b8383..f95e4cb2adc04 100644 --- a/server/src-lib/Hasura/GraphQL/Schema/RemoteRelationship.hs +++ b/server/src-lib/Hasura/GraphQL/Schema/RemoteRelationship.hs @@ -8,6 +8,7 @@ import Data.HashMap.Strict.Extended qualified as HashMap import Data.List.NonEmpty qualified as NE import Data.Text.Casing qualified as C import Data.Text.Extended +import Hasura.Authentication.Role (adminRoleName) import Hasura.Base.Error import Hasura.GraphQL.Schema.Backend import Hasura.GraphQL.Schema.Common @@ -22,7 +23,6 @@ import Hasura.RQL.IR qualified as IR import Hasura.RQL.Types.Common (FieldName, RelType (..), relNameToTxt) import Hasura.RQL.Types.Relationships.Remote import Hasura.RQL.Types.ResultCustomization -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options import Hasura.RQL.Types.SchemaCache hiding (askTableInfo) import Hasura.RQL.Types.Source diff --git a/server/src-lib/Hasura/GraphQL/Schema/Table.hs b/server/src-lib/Hasura/GraphQL/Schema/Table.hs index a02a290d9c8a6..79af2ad70547d 100644 --- a/server/src-lib/Hasura/GraphQL/Schema/Table.hs +++ b/server/src-lib/Hasura/GraphQL/Schema/Table.hs @@ -24,6 +24,7 @@ import Data.HashSet qualified as Set import Data.Text.Casing (GQLNameIdentifier) import Data.Text.Casing qualified as C import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error (QErr) import Hasura.GraphQL.Schema.Backend import Hasura.GraphQL.Schema.Common @@ -39,7 +40,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.Column import Hasura.RQL.Types.ComputedField import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache hiding (askTableInfo) import Hasura.RQL.Types.Source import Hasura.RQL.Types.SourceCustomization diff --git a/server/src-lib/Hasura/GraphQL/Transport/Backend.hs b/server/src-lib/Hasura/GraphQL/Transport/Backend.hs index 9045211953505..59738214b48ee 100644 --- a/server/src-lib/Hasura/GraphQL/Transport/Backend.hs +++ b/server/src-lib/Hasura/GraphQL/Transport/Backend.hs @@ -5,6 +5,7 @@ where import Control.Monad.Trans.Control import Data.ByteString qualified as B +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error import Hasura.CredentialCache @@ -20,7 +21,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.SQL.AnyBackend (AnyBackend) import Hasura.Server.Types (RequestId) -import Hasura.Session import Hasura.Tracing -- | This typeclass enacapsulates how a given backend sends queries and mutations over the diff --git a/server/src-lib/Hasura/GraphQL/Transport/HTTP.hs b/server/src-lib/Hasura/GraphQL/Transport/HTTP.hs index abf6a1d39d402..316b39f311785 100644 --- a/server/src-lib/Hasura/GraphQL/Transport/HTTP.hs +++ b/server/src-lib/Hasura/GraphQL/Transport/HTTP.hs @@ -42,6 +42,8 @@ import Data.Monoid (Any (..)) import Data.Text qualified as T import Data.Text.Extended (toTxt, (<>>)) import Data.Vector qualified as Vec +import Hasura.Authentication.Session (SessionVariable, SessionVariableValue, SessionVariables, filterSessionVariables) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Backends.Postgres.Instances.Transport (runPGMutationTransaction) import Hasura.Base.Error @@ -97,7 +99,6 @@ import Hasura.Server.Prometheus import Hasura.Server.Telemetry.Counters qualified as Telem import Hasura.Server.Types (HeaderPrecedence, ModelInfoLogState (..), MonadGetPolicies (..), ReadOnlyMode (..), RemoteSchemaResponsePriority (..), RequestId (..), TraceQueryStatus (TraceQueryEnabled)) import Hasura.Services -import Hasura.Session (SessionVariable, SessionVariableValue, SessionVariables, UserInfo (..), filterSessionVariables) import Hasura.Tracing (MonadTrace, attachMetadata) import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Transport/WebSocket.hs b/server/src-lib/Hasura/GraphQL/Transport/WebSocket.hs index 47ca51fb3d977..cc5bcf8e8610f 100644 --- a/server/src-lib/Hasura/GraphQL/Transport/WebSocket.hs +++ b/server/src-lib/Hasura/GraphQL/Transport/WebSocket.hs @@ -49,6 +49,8 @@ import Data.Time.Clock qualified as TC import Data.Word (Word16) import GHC.AssertNF.CPP import Hasura.App.State +import Hasura.Authentication.Session (SessionVariables) +import Hasura.Authentication.User (UserInfo (..)) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Backends.Postgres.Instances.Transport (runPGMutationTransaction) import Hasura.Base.Error @@ -107,7 +109,6 @@ import Hasura.Server.Prometheus import Hasura.Server.Telemetry.Counters qualified as Telem import Hasura.Server.Types (GranularPrometheusMetricsState (..), HeaderPrecedence, ModelInfoLogState (..), MonadGetPolicies (..), RemoteSchemaResponsePriority, RequestId, TraceQueryStatus (TraceQueryEnabled), getRequestId) import Hasura.Services.Network -import Hasura.Session import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax (Name (..)) import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/GraphQL/Transport/WebSocket/Types.hs b/server/src-lib/Hasura/GraphQL/Transport/WebSocket/Types.hs index a33e7aa2c4c1c..67e5aad3b498d 100644 --- a/server/src-lib/Hasura/GraphQL/Transport/WebSocket/Types.hs +++ b/server/src-lib/Hasura/GraphQL/Transport/WebSocket/Types.hs @@ -12,6 +12,7 @@ where import Control.Concurrent.STM qualified as STM import Data.Time.Clock qualified as TC +import Hasura.Authentication.User (UserInfo) import Hasura.GraphQL.Execute qualified as E import Hasura.GraphQL.Execute.Subscription.State qualified as ES import Hasura.GraphQL.Transport.HTTP.Protocol @@ -26,7 +27,6 @@ import Hasura.Server.Init.Config (KeepAliveDelay (..)) import Hasura.Server.Metrics (ServerMetrics (..)) import Hasura.Server.Prometheus (PrometheusMetrics (..)) import Hasura.Server.Types (ReadOnlyMode (..)) -import Hasura.Session import Hasura.Tracing qualified as Tracing import Network.HTTP.Client qualified as HTTP import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/HTTP.hs b/server/src-lib/Hasura/HTTP.hs index 7e0c8c7eab17f..718b0f43438f2 100644 --- a/server/src-lib/Hasura/HTTP.hs +++ b/server/src-lib/Hasura/HTTP.hs @@ -30,8 +30,8 @@ import Data.Text qualified as T import Data.Text.Conversions (UTF8 (..), convertText) import Data.Text.Encoding qualified as TE import Data.Text.Encoding.Error qualified as TE +import Hasura.Authentication.Header (redactSensitiveHeader) import Hasura.Prelude -import Hasura.Server.Utils (redactSensitiveHeader) import Hasura.Server.Version (currentVersion) import Network.HTTP.Client qualified as HTTP import Network.HTTP.Client.Restricted qualified as Restricted diff --git a/server/src-lib/Hasura/LogicalModel/API.hs b/server/src-lib/Hasura/LogicalModel/API.hs index e7a56442415cf..793ce17c8a999 100644 --- a/server/src-lib/Hasura/LogicalModel/API.hs +++ b/server/src-lib/Hasura/LogicalModel/API.hs @@ -23,6 +23,7 @@ import Control.Lens (Traversal', has, preview, (^?)) import Data.Aeson import Data.HashMap.Strict.InsOrd.Extended qualified as InsOrdHashMap import Data.Text.Extended (toTxt, (<<>)) +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.EncJSON import Hasura.LogicalModel.Lenses (lmmSelectPermissions) @@ -40,7 +41,6 @@ import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Backend import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Permission (PermDef (_pdRole), SelPerm) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache.Build import Hasura.SQL.AnyBackend qualified as AB diff --git a/server/src-lib/Hasura/LogicalModel/Common.hs b/server/src-lib/Hasura/LogicalModel/Common.hs index ed4be3c18f320..58ff82de866e5 100644 --- a/server/src-lib/Hasura/LogicalModel/Common.hs +++ b/server/src-lib/Hasura/LogicalModel/Common.hs @@ -10,6 +10,7 @@ import Data.Bifunctor (bimap) import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Text.Extended (ToTxt (toTxt)) +import Hasura.Authentication.Role (RoleName, adminRoleName) import Hasura.GraphQL.Schema.Common ( partialSQLExpToUnpreparedValue, ) @@ -22,7 +23,6 @@ import Hasura.RQL.IR.BoolExp (AnnRedactionExp (..), gBoolExpTrue) import Hasura.RQL.Types.Backend (Backend (..)) import Hasura.RQL.Types.Column (ColumnInfo (..), ColumnMutability (..), ColumnType (..), NestedArrayInfo (..), NestedObjectInfo (..), StructuredColumnInfo (..), fromCol) import Hasura.RQL.Types.Permission (AllowedRootFields (..)) -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.Table.Cache (FieldInfo (..), FieldInfoMap, RolePermInfo (..), SelPermInfo (..)) import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/LogicalModel/Fields.hs b/server/src-lib/Hasura/LogicalModel/Fields.hs index 83db6ef87c000..c110dda8ce5ca 100644 --- a/server/src-lib/Hasura/LogicalModel/Fields.hs +++ b/server/src-lib/Hasura/LogicalModel/Fields.hs @@ -5,10 +5,10 @@ module Hasura.LogicalModel.Fields (LogicalModelFieldsRM (..), LogicalModelFieldsLookupRT (..), runLogicalModelFieldsLookup) where import Data.HashMap.Strict qualified as HashMap +import Hasura.Authentication.User (UserInfoM) import Hasura.Backends.Postgres.Connection qualified as Postgres import Hasura.LogicalModel.Types import Hasura.Prelude -import Hasura.RQL.Types.Session (UserInfoM) import Hasura.Tracing (TraceT) -- | Class for looking up Logical Models diff --git a/server/src-lib/Hasura/LogicalModel/Metadata.hs b/server/src-lib/Hasura/LogicalModel/Metadata.hs index c4a9a066206ab..2b637e0bc677f 100644 --- a/server/src-lib/Hasura/LogicalModel/Metadata.hs +++ b/server/src-lib/Hasura/LogicalModel/Metadata.hs @@ -12,6 +12,7 @@ import Autodocodec qualified as AC import Data.Aeson (FromJSON (parseJSON), ToJSON, (.!=), (.:), (.:?)) import Data.Aeson qualified as J import Data.HashMap.Strict.InsOrd.Autodocodec (sortedElemsCodec) +import Hasura.Authentication.Role (RoleName) import Hasura.LogicalModel.Types import Hasura.Prelude hiding (first) import Hasura.RQL.Types.Backend (Backend (..)) @@ -19,7 +20,6 @@ import Hasura.RQL.Types.BackendTag (backendPrefix) import Hasura.RQL.Types.BackendType (BackendType) import Hasura.RQL.Types.Common (SourceName, ToAesonPairs (toAesonPairs), defaultSource) import Hasura.RQL.Types.Permission (SelPermDef, _pdRole) -import Hasura.RQL.Types.Roles (RoleName) -- | Description of a logical model for use in metadata (before schema cache) data LogicalModelMetadata (b :: BackendType) = LogicalModelMetadata diff --git a/server/src-lib/Hasura/LogicalModel/Schema.hs b/server/src-lib/Hasura/LogicalModel/Schema.hs index 6f460fb5b7a45..3498caade628d 100644 --- a/server/src-lib/Hasura/LogicalModel/Schema.hs +++ b/server/src-lib/Hasura/LogicalModel/Schema.hs @@ -20,6 +20,7 @@ import Data.List.NonEmpty qualified as NE import Data.Set qualified as S import Data.Text.Extended import Data.Text.NonEmpty (mkNonEmptyText) +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.GraphQL.Parser.Internal.Parser qualified as IP import Hasura.GraphQL.Schema.Backend @@ -67,7 +68,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common (RelName (..)) import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Relationships.Local (Nullable (..)) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Source import Hasura.RQL.Types.SourceCustomization import Hasura.Table.Cache (SelPermInfo (..)) diff --git a/server/src-lib/Hasura/LogicalModelResolver/Metadata.hs b/server/src-lib/Hasura/LogicalModelResolver/Metadata.hs index d56c1bcd10ea8..ccd1d90bd9e31 100644 --- a/server/src-lib/Hasura/LogicalModelResolver/Metadata.hs +++ b/server/src-lib/Hasura/LogicalModelResolver/Metadata.hs @@ -11,6 +11,7 @@ import Autodocodec qualified as AC import Data.Aeson (FromJSON (..), ToJSON (..)) import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.HashMap.Strict.InsOrd.Autodocodec (sortedElemsCodec) +import Hasura.Authentication.Role (RoleName) import Hasura.LogicalModel.Types import Hasura.Metadata.DTO.Placeholder (placeholderCodecViaJSON) import Hasura.Prelude hiding (first) @@ -18,7 +19,6 @@ import Hasura.RQL.Types.Backend (Backend (..)) import Hasura.RQL.Types.BackendTag (backendPrefix) import Hasura.RQL.Types.BackendType (BackendType) import Hasura.RQL.Types.Permission (SelPermDef, _pdRole) -import Hasura.RQL.Types.Roles (RoleName) -- | the name of a Logical Model, or an inline Logical Model data LogicalModelIdentifier (b :: BackendType) diff --git a/server/src-lib/Hasura/Metadata/Class.hs b/server/src-lib/Hasura/Metadata/Class.hs index a7030a89a2d60..db2b16d1c9549 100644 --- a/server/src-lib/Hasura/Metadata/Class.hs +++ b/server/src-lib/Hasura/Metadata/Class.hs @@ -18,6 +18,7 @@ where import Control.Monad.Trans.Extended import Control.Monad.Trans.Managed import Data.Aeson +import Hasura.Authentication.Session (SessionVariables) import Hasura.Base.Error import Hasura.Eventing.ScheduledTrigger.Types import Hasura.Prelude @@ -30,7 +31,6 @@ import Hasura.RQL.Types.ScheduledTrigger import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.Server.Types -import Hasura.Session import Hasura.Tracing.Monad (TraceT) import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Metadata/DTO/MetadataV3.hs b/server/src-lib/Hasura/Metadata/DTO/MetadataV3.hs index 7a6ba91d03914..d7f7b2e5c0941 100644 --- a/server/src-lib/Hasura/Metadata/DTO/MetadataV3.hs +++ b/server/src-lib/Hasura/Metadata/DTO/MetadataV3.hs @@ -17,6 +17,7 @@ import Autodocodec.OpenAPI () import Data.Aeson (FromJSON, ToJSON) import Data.HashMap.Strict.InsOrd.Autodocodec (sortedElemsCodec) import Data.OpenApi qualified as OpenApi +import Hasura.Authentication.Role (Role (_rRoleName)) import Hasura.Prelude import Hasura.RQL.Types.Action (ActionMetadata (_amName)) import Hasura.RQL.Types.Allowlist (AllowlistEntry (aeCollection), MetadataAllowlist) @@ -28,7 +29,6 @@ import Hasura.RQL.Types.GraphqlSchemaIntrospection (SetGraphqlIntrospectionOptio import Hasura.RQL.Types.Metadata.Common (Actions, BackendConfigWrapper, CronTriggers, Endpoints, InheritedRoles, QueryCollections, RemoteSchemas, Sources, sourcesCodec) import Hasura.RQL.Types.OpenTelemetry (OpenTelemetryConfig, emptyOpenTelemetryConfig) import Hasura.RQL.Types.QueryCollection qualified as QC -import Hasura.RQL.Types.Roles (Role (_rRoleName)) import Hasura.RQL.Types.ScheduledTrigger (CronTriggerMetadata (ctName)) import Hasura.RemoteSchema.Metadata.Core (RemoteSchemaMetadataG (_rsmName)) import Hasura.SQL.BackendMap (BackendMap) diff --git a/server/src-lib/Hasura/RQL/DDL/Action.hs b/server/src-lib/Hasura/RQL/DDL/Action.hs index b566c0d43aa9b..0bfd08070f33c 100644 --- a/server/src-lib/Hasura/RQL/DDL/Action.hs +++ b/server/src-lib/Hasura/RQL/DDL/Action.hs @@ -23,6 +23,7 @@ import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.List.NonEmpty qualified as NEList import Data.Text.Extended import Data.URL.Template (printTemplate) +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Metadata.Class @@ -33,7 +34,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.SQL.BackendMap (BackendMap) diff --git a/server/src-lib/Hasura/RQL/DDL/EventTrigger.hs b/server/src-lib/Hasura/RQL/DDL/EventTrigger.hs index a8e94f176a84b..c05a7bd85defd 100644 --- a/server/src-lib/Hasura/RQL/DDL/EventTrigger.hs +++ b/server/src-lib/Hasura/RQL/DDL/EventTrigger.hs @@ -60,6 +60,7 @@ import Data.Sequence qualified as Seq import Data.Text qualified as T import Data.Text.Extended import Data.URL.Template (printTemplate, renderTemplate) +import Hasura.Authentication.User (UserInfoM (..)) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Eventing.Backend @@ -81,7 +82,6 @@ import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.SchemaCacheTypes import Hasura.RQL.Types.Source import Hasura.SQL.AnyBackend qualified as AB -import Hasura.Session import Hasura.Table.Cache import Hasura.Table.Metadata (TableMetadata (..), tmEventTriggers) import Hasura.Tracing (TraceT) diff --git a/server/src-lib/Hasura/RQL/DDL/InheritedRoles.hs b/server/src-lib/Hasura/RQL/DDL/InheritedRoles.hs index 07c0ac8fc0c0a..74d7876f6fbe5 100644 --- a/server/src-lib/Hasura/RQL/DDL/InheritedRoles.hs +++ b/server/src-lib/Hasura/RQL/DDL/InheritedRoles.hs @@ -10,13 +10,13 @@ import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.HashSet qualified as Set import Data.Sequence qualified as Seq import Data.Text.Extended +import Hasura.Authentication.Role import Hasura.Base.Error import Hasura.EncJSON import Hasura.Prelude import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build diff --git a/server/src-lib/Hasura/RQL/DDL/Metadata/Types.hs b/server/src-lib/Hasura/RQL/DDL/Metadata/Types.hs index 6ea00f07fa5a4..ce3cfc755ec10 100644 --- a/server/src-lib/Hasura/RQL/DDL/Metadata/Types.hs +++ b/server/src-lib/Hasura/RQL/DDL/Metadata/Types.hs @@ -42,6 +42,7 @@ import Data.Aeson qualified as J import Data.Aeson.KeyMap qualified as KeyMap import Data.CaseInsensitive qualified as CI import Data.Environment qualified as Env +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.DataConnector.Adapter.Types (DataConnectorName) import Hasura.Prelude import Hasura.RQL.DDL.Warnings (AllowWarnings (..)) @@ -50,7 +51,6 @@ import Hasura.RQL.Types.Common qualified as Common import Hasura.RQL.Types.Metadata (Metadata, MetadataNoSources) import Hasura.RQL.Types.Metadata qualified as Metadata import Hasura.RemoteSchema.Metadata (RemoteSchemaName) -import Hasura.Session (SessionVariables) import Network.HTTP.Client.Transformable qualified as HTTP -------------------------------------------------------------------------------- diff --git a/server/src-lib/Hasura/RQL/DDL/Permission.hs b/server/src-lib/Hasura/RQL/DDL/Permission.hs index 536ac92882a0c..d83c02d882667 100644 --- a/server/src-lib/Hasura/RQL/DDL/Permission.hs +++ b/server/src-lib/Hasura/RQL/DDL/Permission.hs @@ -41,6 +41,8 @@ import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.HashSet qualified as HS import Data.Sequence qualified as Seq import Data.Text.Extended +import Hasura.Authentication.Role (RoleName, adminRoleName) +import Hasura.Authentication.User (UserInfoM) import Hasura.Base.Error import Hasura.EncJSON import Hasura.LogicalModel.Common (logicalModelFieldsToFieldInfo) @@ -58,13 +60,11 @@ import Hasura.RQL.Types.Metadata.Backend import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.SchemaCacheTypes import Hasura.SQL.AnyBackend qualified as AB import Hasura.SQL.Types -import Hasura.Session (UserInfoM) import Hasura.Table.Cache import Hasura.Table.Metadata ( Permissions, diff --git a/server/src-lib/Hasura/RQL/DDL/Permission/Internal.hs b/server/src-lib/Hasura/RQL/DDL/Permission/Internal.hs index 9c897676894f6..6c278db461da3 100644 --- a/server/src-lib/Hasura/RQL/DDL/Permission/Internal.hs +++ b/server/src-lib/Hasura/RQL/DDL/Permission/Internal.hs @@ -24,6 +24,9 @@ import Data.HashSet qualified as Set import Data.Sequence qualified as Seq import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Headers (userIdHeader) +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Session (isSessionVariable) import Hasura.Base.Error import Hasura.LogicalModel.Common (logicalModelFieldsToFieldInfo) import Hasura.LogicalModel.Fields (LogicalModelFieldsRM (..)) @@ -39,11 +42,10 @@ import Hasura.RQL.Types.Metadata.Backend import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote (DBJoinField (..), RemoteFieldInfo (..), RemoteFieldInfoRHS (..), RemoteSourceFieldInfo (..)) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCacheTypes import Hasura.SQL.AnyBackend qualified as AB -import Hasura.Server.Utils +import Hasura.Server.Utils (isReqUserId) import Hasura.Table.Cache -- | Intrepet a 'PermColSpec' column specification, which can either refer to a diff --git a/server/src-lib/Hasura/RQL/DDL/Schema/Cache.hs b/server/src-lib/Hasura/RQL/DDL/Schema/Cache.hs index 9077efe283cfe..0f8ae950d5fba 100644 --- a/server/src-lib/Hasura/RQL/DDL/Schema/Cache.hs +++ b/server/src-lib/Hasura/RQL/DDL/Schema/Cache.hs @@ -41,6 +41,8 @@ import Data.Sequence qualified as Seq import Data.Set qualified as S import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Role +import Hasura.Authentication.User (UserInfoM) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Eventing.Backend @@ -95,7 +97,6 @@ import Hasura.RQL.Types.NamingCase import Hasura.RQL.Types.OpenTelemetry import Hasura.RQL.Types.QueryCollection import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.ScheduledTrigger import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build @@ -112,7 +113,6 @@ import Hasura.Server.Init.FeatureFlag qualified as FF import Hasura.Server.Migrate.Version import Hasura.Server.Types import Hasura.Services -import Hasura.Session import Hasura.StoredProcedure.Cache (StoredProcedureCache, StoredProcedureInfo (..)) import Hasura.StoredProcedure.Metadata (StoredProcedureMetadata (..)) import Hasura.Table.API diff --git a/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Common.hs b/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Common.hs index cad9d4ff4fad9..489f047057b99 100644 --- a/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Common.hs +++ b/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Common.hs @@ -51,6 +51,7 @@ import Data.HashMap.Strict.Extended qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Sequence qualified as Seq import Data.Text.Extended +import Hasura.Authentication.Role import Hasura.Base.Error import Hasura.Incremental qualified as Inc import Hasura.LogicalModel.Types (LogicalModelLocation (..), LogicalModelName) @@ -68,7 +69,6 @@ import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.Source diff --git a/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Permission.hs b/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Permission.hs index a54ae7fbe060e..26e137f01e45d 100644 --- a/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Permission.hs +++ b/server/src-lib/Hasura/RQL/DDL/Schema/Cache/Permission.hs @@ -16,6 +16,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.Sequence qualified as Seq import Data.Text.Extended +import Hasura.Authentication.Role import Hasura.Base.Error import Hasura.LogicalModel.API (LogicalModelName) import Hasura.LogicalModel.Fields (LogicalModelFieldsLookupRT (..), LogicalModelFieldsRM (..), runLogicalModelFieldsLookup) @@ -32,7 +33,6 @@ import Hasura.RQL.Types.Metadata.Backend import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.Roles.Internal ( CheckPermission (..), CombineRolePermInfo (..), diff --git a/server/src-lib/Hasura/RQL/DDL/Schema/Rename.hs b/server/src-lib/Hasura/RQL/DDL/Schema/Rename.hs index 7051a46e3cbd0..b452710ce037c 100644 --- a/server/src-lib/Hasura/RQL/DDL/Schema/Rename.hs +++ b/server/src-lib/Hasura/RQL/DDL/Schema/Rename.hs @@ -15,6 +15,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.HashSet qualified as Set import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.Prelude import Hasura.RQL.DDL.Permission @@ -30,7 +31,6 @@ import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote import Hasura.RQL.Types.Relationships.ToSource -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCacheTypes import Hasura.RemoteSchema.Metadata diff --git a/server/src-lib/Hasura/RQL/DDL/SchemaRegistry.hs b/server/src-lib/Hasura/RQL/DDL/SchemaRegistry.hs index 0a0479b59b375..241c2ecc708fd 100644 --- a/server/src-lib/Hasura/RQL/DDL/SchemaRegistry.hs +++ b/server/src-lib/Hasura/RQL/DDL/SchemaRegistry.hs @@ -25,12 +25,12 @@ import Data.Aeson qualified as J import Data.Text qualified as T import Data.Time (UTCTime) import Database.PG.Query qualified as PG +import Hasura.Authentication.Role import Hasura.Backends.Postgres.Execute.Types qualified as SQLTypes import Hasura.Base.Error import Hasura.Prelude import Hasura.RQL.Types.Metadata (Metadata) import Hasura.RQL.Types.Metadata.Object (InconsistentMetadata) -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.SchemaCache (MetadataResourceVersion) import Hasura.Server.Utils diff --git a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform.hs b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform.hs index b32f980136889..f3a2827a6c7d1 100644 --- a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform.hs +++ b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform.hs @@ -64,6 +64,7 @@ import Data.CaseInsensitive qualified as CI import Data.Functor.Barbie qualified as B import Data.Text.Encoding qualified as TE import Data.Validation qualified as V +import Hasura.Authentication.Session (SessionVariables) import Hasura.Prelude hiding (first) import Hasura.RQL.DDL.Webhook.Transform.Body (Body (..), BodyTransformFn) import Hasura.RQL.DDL.Webhook.Transform.Body qualified as Body @@ -76,7 +77,6 @@ import Hasura.RQL.DDL.Webhook.Transform.Response import Hasura.RQL.DDL.Webhook.Transform.Url import Hasura.RQL.Types.Webhook.Transform (MetadataResponseTransform (..), RequestContext, RequestData, RequestFields (..), RequestTransform (..), RequestTransformFns) import Hasura.RQL.Types.Webhook.Transform.WithOptional (WithOptional (..), withOptional) -import Hasura.Session (SessionVariables) import Network.HTTP.Client.Transformable qualified as HTTP ------------------------------------------------------------------------------- diff --git a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Request.hs b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Request.hs index cdaf7defdf458..1b71e034a6101 100644 --- a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Request.hs +++ b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Request.hs @@ -31,10 +31,10 @@ import Data.Bifunctor import Data.ByteString (ByteString) import Data.Text.Encoding qualified as TE import Data.Validation (Validation, fromEither) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Prelude import Hasura.RQL.DDL.Webhook.Transform.Class (Template (..), TemplatingEngine (..), TransformErrorBundle (..), UnescapedTemplate, encodeScalar, wrapUnescapedTemplate) import Hasura.RQL.Types.Webhook.Transform.Request (RequestTransformCtx (..), Version (..)) -import Hasura.Session (SessionVariables) import Kriti.Error qualified as Kriti import Kriti.Parser qualified as Kriti import Network.HTTP.Client.Transformable qualified as HTTP diff --git a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Response.hs b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Response.hs index 4f01c6b0e9bd4..758b6901e58d8 100644 --- a/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Response.hs +++ b/server/src-lib/Hasura/RQL/DDL/Webhook/Transform/Response.hs @@ -18,6 +18,7 @@ import Data.Aeson qualified as J import Data.Aeson.Kriti.Functions as KFunc import Data.ByteString (ByteString) import Data.Validation (Validation, fromEither) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Prelude import Hasura.RQL.DDL.Webhook.Transform.Class ( Template (..), @@ -27,7 +28,6 @@ import Hasura.RQL.DDL.Webhook.Transform.Class encodeScalar, wrapUnescapedTemplate, ) -import Hasura.Session (SessionVariables) ------------------------------------------------------------------------------- diff --git a/server/src-lib/Hasura/RQL/DML/Count.hs b/server/src-lib/Hasura/RQL/DML/Count.hs index 7683d1d601687..167b31700227f 100644 --- a/server/src-lib/Hasura/RQL/DML/Count.hs +++ b/server/src-lib/Hasura/RQL/DML/Count.hs @@ -12,6 +12,7 @@ import Data.Aeson import Data.ByteString.Builder qualified as BB import Data.Sequence qualified as DS import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo, UserInfoM (..)) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.Execute.Types import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -30,7 +31,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.SchemaCache import Hasura.SQL.Types -import Hasura.Session import Hasura.Table.Cache import Hasura.Tracing qualified as Tracing diff --git a/server/src-lib/Hasura/RQL/DML/Delete.hs b/server/src-lib/Hasura/RQL/DML/Delete.hs index 563ac3d53db21..ddabdbc155291 100644 --- a/server/src-lib/Hasura/RQL/DML/Delete.hs +++ b/server/src-lib/Hasura/RQL/DML/Delete.hs @@ -13,6 +13,7 @@ import Control.Monad.Trans.Control (MonadBaseControl) import Data.Aeson import Data.Sequence qualified as DS import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfoM (..)) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.Execute.Mutation import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -32,7 +33,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.SchemaCache -import Hasura.Session import Hasura.Tracing qualified as Tracing validateDeleteQWith :: diff --git a/server/src-lib/Hasura/RQL/DML/Insert.hs b/server/src-lib/Hasura/RQL/DML/Insert.hs index 4842ae23b382f..756a34749aec8 100644 --- a/server/src-lib/Hasura/RQL/DML/Insert.hs +++ b/server/src-lib/Hasura/RQL/DML/Insert.hs @@ -11,6 +11,7 @@ import Data.HashSet qualified as HS import Data.Sequence qualified as DS import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo (..), UserInfoM (..), askCurRole) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.Execute.Mutation import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -29,7 +30,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.SchemaCache -import Hasura.Session import Hasura.Table.Cache import Hasura.Tracing qualified as Tracing diff --git a/server/src-lib/Hasura/RQL/DML/Internal.hs b/server/src-lib/Hasura/RQL/DML/Internal.hs index 2d4ca3a58ab5c..38f2b3c31cdb5 100644 --- a/server/src-lib/Hasura/RQL/DML/Internal.hs +++ b/server/src-lib/Hasura/RQL/DML/Internal.hs @@ -37,6 +37,9 @@ import Data.Sequence qualified as DS import Data.Text qualified as T import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.Role (RoleName, adminRoleName) +import Hasura.Authentication.Session (SessionVariable, getSessionVariables, sessionVariableToText) +import Hasura.Authentication.User (UserInfoM, askCurRole, askUserInfo, _uiSession) import Hasura.Backends.Postgres.Instances.Metadata () import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types hiding (TableName) @@ -56,10 +59,8 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.ComputedField import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.SchemaCache import Hasura.SQL.Types -import Hasura.Session (SessionVariable, UserInfoM, askCurRole, askUserInfo, getSessionVariables, sessionVariableToText, _uiSession) import Hasura.Table.Cache newtype DMLP1T m a = DMLP1T {unDMLP1T :: StateT (DS.Seq PG.PrepArg) m a} diff --git a/server/src-lib/Hasura/RQL/DML/Select.hs b/server/src-lib/Hasura/RQL/DML/Select.hs index c4615a3c25995..3f43425278ff2 100644 --- a/server/src-lib/Hasura/RQL/DML/Select.hs +++ b/server/src-lib/Hasura/RQL/DML/Select.hs @@ -9,6 +9,7 @@ import Data.List.NonEmpty qualified as NE import Data.Sequence qualified as DS import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo, UserInfoM (..)) import Hasura.Backends.Postgres.Connection.MonadTx import Hasura.Backends.Postgres.Execute.Types import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -32,7 +33,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.SchemaCache -import Hasura.Session import Hasura.Table.Cache import Hasura.Tracing qualified as Tracing diff --git a/server/src-lib/Hasura/RQL/DML/Update.hs b/server/src-lib/Hasura/RQL/DML/Update.hs index 7577a28237cc1..bc1695ab6301f 100644 --- a/server/src-lib/Hasura/RQL/DML/Update.hs +++ b/server/src-lib/Hasura/RQL/DML/Update.hs @@ -10,6 +10,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.Sequence qualified as DS import Data.Text.Extended import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfo (..), UserInfoM (..)) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.Execute.Mutation import Hasura.Backends.Postgres.SQL.DML qualified as S @@ -35,7 +36,6 @@ import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Permission import Hasura.RQL.Types.SchemaCache import Hasura.SQL.Types -import Hasura.Session import Hasura.Table.Cache import Hasura.Tracing qualified as Tracing diff --git a/server/src-lib/Hasura/RQL/IR/BoolExp.hs b/server/src-lib/Hasura/RQL/IR/BoolExp.hs index 0cd7682751ad7..c03f60a92356d 100644 --- a/server/src-lib/Hasura/RQL/IR/BoolExp.hs +++ b/server/src-lib/Hasura/RQL/IR/BoolExp.hs @@ -58,6 +58,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.Hashable (hashWithSalt) import Data.Monoid import Data.Text.Extended +import Hasura.Authentication.Session (SessionVariable) import Hasura.Function.Cache import Hasura.Prelude import Hasura.RQL.IR.BoolExp.RemoteRelationshipPredicate (RemoteRelRHSFetchWhereExp) @@ -70,7 +71,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.ComputedField import Hasura.RQL.Types.Relationships.Local import Hasura.SQL.AnyBackend qualified as AB -import Hasura.Session ---------------------------------------------------------------------------------------------------- -- Boolean structure diff --git a/server/src-lib/Hasura/RQL/IR/BoolExp/RemoteRelationshipPredicate.hs b/server/src-lib/Hasura/RQL/IR/BoolExp/RemoteRelationshipPredicate.hs index 89edb9eae19e9..8dee43e27e65b 100644 --- a/server/src-lib/Hasura/RQL/IR/BoolExp/RemoteRelationshipPredicate.hs +++ b/server/src-lib/Hasura/RQL/IR/BoolExp/RemoteRelationshipPredicate.hs @@ -9,8 +9,8 @@ import Data.Aeson qualified as J import Data.Aeson.Extended (FromJSONKeyValue (..)) import Data.Aeson.Key qualified as K import Data.Aeson.KeyMap qualified as KM +import Hasura.Authentication.Session (SessionVariable, parseSessionVariable) import Hasura.Prelude -import Hasura.RQL.Types.Session (SessionVariable, parseSessionVariable) data RemoteRelSessionVariableORLiteralValue = RemoteRelSessionVariable SessionVariable diff --git a/server/src-lib/Hasura/RQL/IR/Value.hs b/server/src-lib/Hasura/RQL/IR/Value.hs index 8eacbae9796a3..e4ba2fa909c96 100644 --- a/server/src-lib/Hasura/RQL/IR/Value.hs +++ b/server/src-lib/Hasura/RQL/IR/Value.hs @@ -9,12 +9,12 @@ module Hasura.RQL.IR.Value ) where +import Hasura.Authentication.Session (SessionVariable) import Hasura.GraphQL.Parser.Variable import Hasura.Prelude import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Column -import Hasura.Session (SessionVariable) -- | Where did this variable come from? data Provenance diff --git a/server/src-lib/Hasura/RQL/Types/Action.hs b/server/src-lib/Hasura/RQL/Types/Action.hs index f082e53bf26d3..e251f7b355979 100644 --- a/server/src-lib/Hasura/RQL/Types/Action.hs +++ b/server/src-lib/Hasura/RQL/Types/Action.hs @@ -68,14 +68,14 @@ import Data.Typeable (Typeable) import Data.UUID qualified as UUID import Database.PG.Query qualified as PG import Database.PG.Query.PTI qualified as PTI +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Base.Error import Hasura.Prelude import Hasura.RQL.Types.Common import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.Eventing (EventId (..)) import Hasura.RQL.Types.Headers -import Hasura.RQL.Types.Roles (RoleName) -import Hasura.RQL.Types.Session (SessionVariables) import Hasura.RQL.Types.Webhook.Transform (MetadataResponseTransform, RequestTransform) import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/RQL/Types/Allowlist.hs b/server/src-lib/Hasura/RQL/Types/Allowlist.hs index ab9a76948b221..366039ae28cc1 100644 --- a/server/src-lib/Hasura/RQL/Types/Allowlist.hs +++ b/server/src-lib/Hasura/RQL/Types/Allowlist.hs @@ -25,10 +25,10 @@ import Data.HashMap.Strict.Extended qualified as HashMap import Data.HashMap.Strict.InsOrd.Extended qualified as InsOrdHashMap import Data.HashSet qualified as S import Data.Text.Extended ((<<>)) +import Hasura.Authentication.Role (RoleName) import Hasura.GraphQL.Parser.Name qualified as GName import Hasura.Prelude import Hasura.RQL.Types.QueryCollection -import Hasura.RQL.Types.Roles (RoleName) import Language.GraphQL.Draft.Syntax qualified as G newtype DropCollectionFromAllowlist = DropCollectionFromAllowlist diff --git a/server/src-lib/Hasura/RQL/Types/ApiLimit.hs b/server/src-lib/Hasura/RQL/Types/ApiLimit.hs index 261c5b0d4ebaa..8ea7e1b0a6e13 100644 --- a/server/src-lib/Hasura/RQL/Types/ApiLimit.hs +++ b/server/src-lib/Hasura/RQL/Types/ApiLimit.hs @@ -37,9 +37,9 @@ import Data.Map (Map) import Data.Text qualified as T import Data.Text.Extended (ToTxt (..)) import Data.Typeable (Typeable) +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Session (isSessionVariable) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName) -import Hasura.RQL.Types.Session (isSessionVariable) data ApiLimit = ApiLimit { _alRateLimit :: Maybe RateLimit, diff --git a/server/src-lib/Hasura/RQL/Types/Backend.hs b/server/src-lib/Hasura/RQL/Types/Backend.hs index e64ae0362ff1c..4ae494290679c 100644 --- a/server/src-lib/Hasura/RQL/Types/Backend.hs +++ b/server/src-lib/Hasura/RQL/Types/Backend.hs @@ -24,6 +24,7 @@ import Data.Kind (Type) import Data.Text.Casing (GQLNameIdentifier) import Data.Text.Extended import Data.Typeable (Typeable) +import Hasura.Authentication.Session (SessionVariables) import Hasura.Backends.Postgres.Connection.Settings (ConnectionTemplate (..)) import Hasura.Base.Error import Hasura.Base.ToErrorValue @@ -36,7 +37,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.HealthCheckImplementation (HealthCheckImplementation) import Hasura.RQL.Types.ResizePool (ServerReplicas, SourceResizePoolSummary) -import Hasura.RQL.Types.Session (SessionVariables) import Hasura.RQL.Types.SourceConfiguration import Hasura.SQL.Types import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/RQL/Types/GraphqlSchemaIntrospection.hs b/server/src-lib/Hasura/RQL/Types/GraphqlSchemaIntrospection.hs index 2f89bf68286c0..3c3dcc76db7cf 100644 --- a/server/src-lib/Hasura/RQL/Types/GraphqlSchemaIntrospection.hs +++ b/server/src-lib/Hasura/RQL/Types/GraphqlSchemaIntrospection.hs @@ -7,8 +7,8 @@ import Autodocodec (HasCodec (codec), dimapCodec) import Autodocodec.Extended (hashSetCodec) import Data.Aeson (FromJSON (..), ToJSON (..), genericParseJSON, genericToEncoding, genericToJSON) import Data.HashSet qualified as Set +import Hasura.Authentication.Role (RoleName) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName) newtype SetGraphqlIntrospectionOptions = SetGraphqlIntrospectionOptions {_idrDisabledForRoles :: (Set.HashSet RoleName)} deriving (Show, Eq, Generic, Semigroup, Monoid) diff --git a/server/src-lib/Hasura/RQL/Types/Metadata.hs b/server/src-lib/Hasura/RQL/Types/Metadata.hs index 061100c6d55a0..1989e37d98e55 100644 --- a/server/src-lib/Hasura/RQL/Types/Metadata.hs +++ b/server/src-lib/Hasura/RQL/Types/Metadata.hs @@ -57,6 +57,7 @@ import Data.Aeson.Ordered qualified as AO import Data.Aeson.Types import Data.HashMap.Strict.InsOrd.Extended qualified as InsOrdHashMap import Data.Monoid (Dual (..), Endo (..)) +import Hasura.Authentication.Role (RoleName) import Hasura.Function.Cache import Hasura.Function.Metadata (FunctionMetadata (..)) import Hasura.Incremental qualified as Inc @@ -82,7 +83,6 @@ import Hasura.RQL.Types.Metadata.Common import Hasura.RQL.Types.Metadata.Serialization import Hasura.RQL.Types.OpenTelemetry import Hasura.RQL.Types.Permission -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RemoteSchema.Metadata import Hasura.SQL.AnyBackend qualified as AB import Hasura.SQL.BackendMap (BackendMap) diff --git a/server/src-lib/Hasura/RQL/Types/Metadata/Common.hs b/server/src-lib/Hasura/RQL/Types/Metadata/Common.hs index fa8423363eefd..5b45c7550eb72 100644 --- a/server/src-lib/Hasura/RQL/Types/Metadata/Common.hs +++ b/server/src-lib/Hasura/RQL/Types/Metadata/Common.hs @@ -59,6 +59,7 @@ import Data.List.Extended qualified as L import Data.Maybe (fromJust) import Data.Text qualified as T import Data.Text.Extended qualified as T +import Hasura.Authentication.Role (InheritedRole, Role (..), RoleName) import Hasura.Function.Metadata (FunctionMetadata (..)) import Hasura.LogicalModel.Metadata (LogicalModelMetadata (..), LogicalModelName) import Hasura.NativeQuery.Metadata (NativeQueryMetadata (..), NativeQueryName) @@ -78,7 +79,6 @@ import Hasura.RQL.Types.GraphqlSchemaIntrospection import Hasura.RQL.Types.HealthCheck import Hasura.RQL.Types.QueryCollection import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.ScheduledTrigger import Hasura.RQL.Types.SourceCustomization import Hasura.RemoteSchema.Metadata diff --git a/server/src-lib/Hasura/RQL/Types/Metadata/Object.hs b/server/src-lib/Hasura/RQL/Types/Metadata/Object.hs index 7017b4f9259a6..2cc5bc25199d2 100644 --- a/server/src-lib/Hasura/RQL/Types/Metadata/Object.hs +++ b/server/src-lib/Hasura/RQL/Types/Metadata/Object.hs @@ -42,6 +42,7 @@ import Control.Lens hiding (set, (.=)) import Data.Aeson.Types import Data.HashMap.Strict.Extended qualified as HashMap import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Backends.DataConnector.Adapter.Types (DataConnectorName) import Hasura.Base.ErrorMessage import Hasura.Base.ToErrorValue @@ -58,7 +59,6 @@ import Hasura.RQL.Types.Instances () import Hasura.RQL.Types.OpenTelemetry import Hasura.RQL.Types.Permission import Hasura.RQL.Types.QueryCollection (CollectionName, ListedQuery (_lqName)) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RemoteSchema.Metadata import Hasura.SQL.AnyBackend qualified as AB import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/RQL/Types/Metadata/Serialization.hs b/server/src-lib/Hasura/RQL/Types/Metadata/Serialization.hs index ef11dbacc80ff..53a156785c665 100644 --- a/server/src-lib/Hasura/RQL/Types/Metadata/Serialization.hs +++ b/server/src-lib/Hasura/RQL/Types/Metadata/Serialization.hs @@ -25,6 +25,7 @@ import Data.Aeson.Ordered qualified as AO import Data.HashMap.Strict.InsOrd.Extended qualified as InsOrdHashMap import Data.Text.Extended qualified as T import Data.Vector qualified as Vector +import Hasura.Authentication.Role (InheritedRole, Role (..)) import Hasura.Function.Cache (emptyFunctionConfig) import Hasura.Function.Metadata (FunctionMetadata (..)) import Hasura.LogicalModel.Metadata (LogicalModelMetadata (..)) @@ -91,7 +92,6 @@ import Hasura.RQL.Types.Permission ) import Hasura.RQL.Types.QueryCollection (CreateCollection (..), QueryCollections) import Hasura.RQL.Types.Relationships.Local (RelDef (..)) -import Hasura.RQL.Types.Roles (InheritedRole, Role (..)) import Hasura.RQL.Types.ScheduledTrigger (CronTriggerMetadata (..), defaultSTRetryConf) import Hasura.RQL.Types.SourceCustomization (emptySourceCustomization) import Hasura.RemoteSchema.Metadata diff --git a/server/src-lib/Hasura/RQL/Types/Permission.hs b/server/src-lib/Hasura/RQL/Types/Permission.hs index 35f42f9ccdc42..5909453142084 100644 --- a/server/src-lib/Hasura/RQL/Types/Permission.hs +++ b/server/src-lib/Hasura/RQL/Types/Permission.hs @@ -43,6 +43,7 @@ import Data.List.NonEmpty qualified as NonEmpty import Data.Text qualified as T import Data.Typeable (Typeable) import Database.PG.Query qualified as PG +import Hasura.Authentication.Role (RoleName) import Hasura.Prelude import Hasura.RQL.IR.BoolExp import Hasura.RQL.Types.Backend @@ -52,7 +53,6 @@ import Hasura.RQL.Types.Column import Hasura.RQL.Types.Common import Hasura.RQL.Types.ComputedField import Hasura.RQL.Types.Headers -import Hasura.RQL.Types.Roles (RoleName) import PostgreSQL.Binary.Decoding qualified as PD data PermType diff --git a/server/src-lib/Hasura/RQL/Types/SchemaCache.hs b/server/src-lib/Hasura/RQL/Types/SchemaCache.hs index c0b7f7437f35b..304e63a00bd2d 100644 --- a/server/src-lib/Hasura/RQL/Types/SchemaCache.hs +++ b/server/src-lib/Hasura/RQL/Types/SchemaCache.hs @@ -125,6 +125,8 @@ import Data.Text.Extended ((<<>)) import Data.Text.Extended qualified as T import Database.MSSQL.Transaction qualified as MSSQL import Database.PG.Query qualified as PG +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.User (UserInfoM) import Hasura.Backends.Postgres.Connection qualified as Postgres import Hasura.Base.Error import Hasura.Function.Cache @@ -153,10 +155,8 @@ import Hasura.RQL.Types.OpenTelemetry (OpenTelemetryInfo) import Hasura.RQL.Types.QueryCollection import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.ScheduledTrigger import Hasura.RQL.Types.SchemaCacheTypes -import Hasura.RQL.Types.Session (UserInfoM) import Hasura.RQL.Types.Source import Hasura.RQL.Types.Webhook.Transform import Hasura.RemoteSchema.Metadata diff --git a/server/src-lib/Hasura/RQL/Types/SchemaCache/Build.hs b/server/src-lib/Hasura/RQL/Types/SchemaCache/Build.hs index 30be4f7aff23b..ee7ddf3a866a9 100644 --- a/server/src-lib/Hasura/RQL/Types/SchemaCache/Build.hs +++ b/server/src-lib/Hasura/RQL/Types/SchemaCache/Build.hs @@ -54,6 +54,7 @@ import Data.Text.Extended import Data.Text.NonEmpty (unNonEmptyText) import Data.Trie qualified as Trie import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfoM (..)) import Hasura.Backends.DataConnector.Adapter.Types (DataConnectorName) import Hasura.Backends.Postgres.Connection import Hasura.Base.Error @@ -70,7 +71,6 @@ import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Object import Hasura.RQL.Types.QueryCollection import Hasura.RQL.Types.SchemaCache -import Hasura.RQL.Types.Session import Hasura.RemoteSchema.Metadata (RemoteSchemaName) import Hasura.Server.Init.FeatureFlag (HasFeatureFlagChecker) import Hasura.Server.Types (MonadGetPolicies (..)) diff --git a/server/src-lib/Hasura/RQL/Types/SchemaCacheTypes.hs b/server/src-lib/Hasura/RQL/Types/SchemaCacheTypes.hs index 05d40a7787f18..587a17cbc60d5 100644 --- a/server/src-lib/Hasura/RQL/Types/SchemaCacheTypes.hs +++ b/server/src-lib/Hasura/RQL/Types/SchemaCacheTypes.hs @@ -28,6 +28,7 @@ import Data.Functor.Const import Data.Text qualified as T import Data.Text.Extended import Data.Text.NonEmpty +import Hasura.Authentication.Role (RoleName, roleNameToTxt) import Hasura.Base.Error import Hasura.LogicalModel.Types (LogicalModelLocation, LogicalModelName) import Hasura.NativeQuery.Types (NativeQueryName) @@ -41,7 +42,6 @@ import Hasura.RQL.Types.EventTrigger import Hasura.RQL.Types.Instances () import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Permission -import Hasura.RQL.Types.Roles (RoleName, roleNameToTxt) import Hasura.RemoteSchema.Metadata import Hasura.SQL.AnyBackend qualified as AB import Language.GraphQL.Draft.Syntax qualified as G diff --git a/server/src-lib/Hasura/RQL/Types/Session.hs b/server/src-lib/Hasura/RQL/Types/Session.hs deleted file mode 100644 index d045f96d8186e..0000000000000 --- a/server/src-lib/Hasura/RQL/Types/Session.hs +++ /dev/null @@ -1,155 +0,0 @@ -module Hasura.RQL.Types.Session - ( SessionVariable (..), - SessionVariables (..), - SessionVariableValue, - parseSessionVariable, - sessionVariablePrefix, - sessionVariableToText, - mkSessionVariable, - mkSessionVariablesText, - isSessionVariable, - isSessionVariableCI, - UserAdminSecret (..), - BackendOnlyFieldAccess (..), - UserInfo (..), - UserInfoM (..), - ExtraUserInfo (..), - UserRoleBuild (..), - ) -where - -import Data.Aeson -import Data.Aeson.Types (Parser, toJSONKeyText) -import Data.CaseInsensitive qualified as CI -import Data.HashMap.Strict qualified as HashMap -import Data.Text qualified as T -import Data.Text.Extended -import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName) - -newtype SessionVariable = SessionVariable {unSessionVariable :: CI.CI Text} - deriving (Show, Eq, Hashable, IsString, Data, NFData, Ord) - -instance ToJSON SessionVariable where - toJSON = toJSON . CI.original . unSessionVariable - -instance ToJSONKey SessionVariable where - toJSONKey = toJSONKeyText sessionVariableToText - -instance ToTxt SessionVariable where - toTxt = sessionVariableToText - -type SessionVariableValue = Text - -sessionVariablePrefix :: Text -sessionVariablePrefix = "x-hasura-" - -isSessionVariable :: Text -> Bool -{-# INLINE isSessionVariable #-} -- hope any redundant conversions vis a vis SessionVariable are eliminated -isSessionVariable = T.isPrefixOf sessionVariablePrefix . T.toCaseFold - --- | A more efficient form of 'isSessionVariable', where applicable -isSessionVariableCI :: CI.CI Text -> Bool -{-# INLINE isSessionVariableCI #-} -isSessionVariableCI = T.isPrefixOf sessionVariablePrefix . CI.foldedCase - -parseSessionVariable :: Text -> Parser SessionVariable -parseSessionVariable t = - -- for performance we avoid isSessionVariable, doing just one case conversion - let sessionVar_dirty = mkSessionVariable t - in if sessionVariablePrefix `T.isPrefixOf` CI.foldedCase (unSessionVariable sessionVar_dirty) - then pure sessionVar_dirty - else fail $ show t <> " is not a Hasura session variable" - -instance FromJSON SessionVariable where - parseJSON = withText "String" parseSessionVariable - -instance FromJSONKey SessionVariable where - fromJSONKey = FromJSONKeyTextParser parseSessionVariable - --- | in normalized, lower-case form -sessionVariableToText :: SessionVariable -> Text -sessionVariableToText = CI.foldedCase . unSessionVariable - -mkSessionVariable :: Text -> SessionVariable -mkSessionVariable = SessionVariable . CI.mk - -newtype SessionVariables = SessionVariables {unSessionVariables :: HashMap.HashMap SessionVariable SessionVariableValue} - deriving (Show, Eq, Hashable, Semigroup, Monoid) - -instance ToJSON SessionVariables where - toJSON (SessionVariables varMap) = - toJSON $ mapKeys sessionVariableToText varMap - -instance FromJSON SessionVariables where - parseJSON v = mkSessionVariablesText <$> parseJSON v - -mkSessionVariablesText :: HashMap.HashMap Text Text -> SessionVariables -mkSessionVariablesText = SessionVariables . mapKeys mkSessionVariable - --- | Represent the admin secret state; whether the secret is sent --- in the request or if actually authorization is not configured. -data UserAdminSecret - = UAdminSecretSent - | UAdminSecretNotSent - | UAuthNotSet - deriving (Show, Eq) - --- | Represents the 'X-Hasura-Use-Backend-Only-Permissions' session variable --- and request made with 'X-Hasura-Admin-Secret' if any auth configured. --- For more details see Note [Backend only permissions] -data BackendOnlyFieldAccess - = BOFAAllowed - | BOFADisallowed - deriving (Show, Eq, Generic) - -instance FromJSON BackendOnlyFieldAccess where - parseJSON = genericParseJSON hasuraJSON - -instance ToJSON BackendOnlyFieldAccess where - toJSON = genericToJSON hasuraJSON - toEncoding = genericToEncoding hasuraJSON - -instance Hashable BackendOnlyFieldAccess - -data UserInfo = UserInfo - { _uiRole :: !RoleName, - _uiSession :: !SessionVariables, - _uiBackendOnlyFieldAccess :: !BackendOnlyFieldAccess - } - deriving (Show, Eq, Generic) - -instance Hashable UserInfo - -instance FromJSON UserInfo where - parseJSON = genericParseJSON hasuraJSON - -instance ToJSON UserInfo where - toJSON = genericToJSON hasuraJSON - toEncoding = genericToEncoding hasuraJSON - -class (Monad m) => UserInfoM m where - askUserInfo :: m UserInfo - -instance (UserInfoM m) => UserInfoM (ReaderT r m) where - askUserInfo = lift askUserInfo - -instance (UserInfoM m) => UserInfoM (ExceptT r m) where - askUserInfo = lift askUserInfo - -instance (UserInfoM m) => UserInfoM (StateT s m) where - askUserInfo = lift askUserInfo - --- | extra information used to identify a Hasura User -data ExtraUserInfo = ExtraUserInfo {_euiUserId :: Maybe Text} - deriving (Show, Eq, Generic) - --- | Represents how to build a role from the session variables -data UserRoleBuild - = -- | Look for `x-hasura-role` session variable value and absence will raise an exception - URBFromSessionVariables - | -- | Look for `x-hasura-role` session variable value, if absent fall back to given role - URBFromSessionVariablesFallback !RoleName - | -- | Use only the pre-determined role - URBPreDetermined !RoleName - deriving (Show, Eq) diff --git a/server/src-lib/Hasura/RQL/Types/Webhook/Transform/Request.hs b/server/src-lib/Hasura/RQL/Types/Webhook/Transform/Request.hs index ec5fbeef9632c..ea66003df9636 100644 --- a/server/src-lib/Hasura/RQL/Types/Webhook/Transform/Request.hs +++ b/server/src-lib/Hasura/RQL/Types/Webhook/Transform/Request.hs @@ -8,9 +8,9 @@ where import Data.Aeson (FromJSON, ToJSON, (.=)) import Data.Aeson qualified as J +import Hasura.Authentication.Session (SessionVariables) import Hasura.Prelude import Hasura.RQL.Types.Webhook.Transform.Class (TemplatingEngine (..)) -import Hasura.Session (SessionVariables) -- | Common context that is made available to all request transformations. data RequestTransformCtx = RequestTransformCtx diff --git a/server/src-lib/Hasura/RemoteSchema/Metadata/Permission.hs b/server/src-lib/Hasura/RemoteSchema/Metadata/Permission.hs index 51d71d3b10bbb..e5fbc5299d80a 100644 --- a/server/src-lib/Hasura/RemoteSchema/Metadata/Permission.hs +++ b/server/src-lib/Hasura/RemoteSchema/Metadata/Permission.hs @@ -7,8 +7,8 @@ where import Autodocodec (HasCodec (codec), object, optionalField', requiredField', requiredFieldWith, (.=)) import Autodocodec.Extended (graphQLSchemaDocumentCodec) import Data.Aeson qualified as J +import Hasura.Authentication.Role (RoleName) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName) import Language.GraphQL.Draft.Printer qualified as G import Language.GraphQL.Draft.Syntax qualified as G import Text.Builder qualified as TB diff --git a/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Core.hs b/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Core.hs index 01700c8278485..393b4bb6010ef 100644 --- a/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Core.hs +++ b/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Core.hs @@ -18,6 +18,8 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashMap.Strict.InsOrd qualified as InsOrdHashMap import Data.HashSet qualified as S import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.User (UserInfoM) import Hasura.Base.Error import Hasura.EncJSON import Hasura.GraphQL.RemoteServer @@ -26,7 +28,6 @@ import Hasura.Prelude import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.SchemaCacheTypes @@ -34,7 +35,6 @@ import Hasura.RemoteSchema.Metadata import Hasura.RemoteSchema.SchemaCache.Build (addRemoteSchemaP2Setup) import Hasura.RemoteSchema.SchemaCache.Types import Hasura.Services -import Hasura.Session (UserInfoM) import Hasura.Tracing qualified as Tracing -- | The payload for 'add_remote_schema', and a component of 'Metadata'. diff --git a/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Permission.hs b/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Permission.hs index 7843a939858d2..fe7143c83edcf 100644 --- a/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Permission.hs +++ b/server/src-lib/Hasura/RemoteSchema/MetadataAPI/Permission.hs @@ -10,13 +10,13 @@ import Control.Lens ((^.)) import Data.Aeson qualified as J import Data.HashMap.Strict qualified as HashMap import Data.Text.Extended +import Hasura.Authentication.Role (RoleName) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Prelude import Hasura.RQL.Types.Common import Hasura.RQL.Types.Metadata import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build diff --git a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Build.hs b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Build.hs index 5d08396c6b520..6a2bb312beb4c 100644 --- a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Build.hs +++ b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Build.hs @@ -15,6 +15,7 @@ import Data.Environment qualified as Env import Data.HashMap.Strict.Extended qualified as HashMap import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Role (ParentRoles (..), Role (..), RoleName) import Hasura.Base.Error import Hasura.EncJSON (encJFromLBS) import Hasura.GraphQL.RemoteServer @@ -25,7 +26,6 @@ import Hasura.Prelude import Hasura.RQL.DDL.Schema.Cache.Common import Hasura.RQL.DDL.Schema.Cache.Permission import Hasura.RQL.Types.Metadata.Object -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.Roles.Internal (CheckPermission (..)) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.SchemaCache.Build diff --git a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Permission.hs b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Permission.hs index 669bd525f550c..fe5c3b515863b 100644 --- a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Permission.hs +++ b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Permission.hs @@ -44,17 +44,17 @@ import Data.List.Extended (duplicates, getDifference) import Data.List.NonEmpty qualified as NE import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Role (RoleName, adminRoleName) +import Hasura.Authentication.Session (isSessionVariable, mkSessionVariable) import Hasura.Base.Error import Hasura.GraphQL.Parser.Name qualified as GName import Hasura.Name qualified as Name import Hasura.Prelude import Hasura.RQL.Types.Metadata.Instances () -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RemoteSchema.Metadata (RemoteSchemaName) import Hasura.RemoteSchema.SchemaCache.Types -import Hasura.Server.Utils (englishList, isSessionVariable) -import Hasura.Session (mkSessionVariable) +import Hasura.Server.Utils (englishList) import Language.GraphQL.Draft.Syntax qualified as G data FieldDefinitionType @@ -485,7 +485,7 @@ parsePresetValue gType varName isStatic value = do case value of G.VEnum _ -> refute $ pure $ ExpectedScalarValue typeName value G.VString t -> - case (isSessionVariable t && (not isStatic)) of + case isSessionVariable t && not isStatic of True -> pure $ G.VVariable diff --git a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Types.hs b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Types.hs index ed438b35ffa25..5d87098e04805 100644 --- a/server/src-lib/Hasura/RemoteSchema/SchemaCache/Types.hs +++ b/server/src-lib/Hasura/RemoteSchema/SchemaCache/Types.hs @@ -59,15 +59,15 @@ import Data.Monoid import Data.Text qualified as T import Data.Text.Extended import Data.URL.Template (printTemplate) +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Session (SessionVariable) import Hasura.Base.Error import Hasura.GraphQL.Parser.Variable import Hasura.GraphQL.Schema.Typename import Hasura.Prelude import Hasura.RQL.Types.Common import Hasura.RQL.Types.Headers (HeaderConf (..)) -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RemoteSchema.Metadata -import Hasura.Session (SessionVariable) import Language.GraphQL.Draft.Syntax qualified as G import Network.URI.Extended qualified as N import Witherable (Filterable (..)) diff --git a/server/src-lib/Hasura/Server/API/Metadata.hs b/server/src-lib/Hasura/Server/API/Metadata.hs index ab919c6567652..738c506484f95 100644 --- a/server/src-lib/Hasura/Server/API/Metadata.hs +++ b/server/src-lib/Hasura/Server/API/Metadata.hs @@ -15,6 +15,7 @@ import Data.HashMap.Strict qualified as HashMap import Data.Text qualified as T import GHC.Generics.Extended (constrName) import Hasura.App.State +import Hasura.Authentication.User (UserInfoM) import Hasura.Base.Error import Hasura.EncJSON import Hasura.Eventing.Backend @@ -73,7 +74,6 @@ import Hasura.Server.Init.FeatureFlag (HasFeatureFlagChecker) import Hasura.Server.Logging (SchemaSyncLog (..), SchemaSyncThreadType (TTMetadataApi)) import Hasura.Server.Types import Hasura.Services -import Hasura.Session import Hasura.StoredProcedure.API qualified as StoredProcedures import Hasura.Tracing qualified as Tracing diff --git a/server/src-lib/Hasura/Server/API/Metadata/Types.hs b/server/src-lib/Hasura/Server/API/Metadata/Types.hs index dbdc538bcc8df..62b1eca9f1b5c 100644 --- a/server/src-lib/Hasura/Server/API/Metadata/Types.hs +++ b/server/src-lib/Hasura/Server/API/Metadata/Types.hs @@ -7,6 +7,7 @@ module Hasura.Server.API.Metadata.Types where import GHC.Generics +import Hasura.Authentication.Role (DropInheritedRole, InheritedRole) import Hasura.Function.API qualified as Functions import Hasura.LogicalModel.API qualified as LogicalModel import Hasura.NativeQuery.API qualified as NativeQueries @@ -36,7 +37,6 @@ import Hasura.RQL.Types.GraphqlSchemaIntrospection import Hasura.RQL.Types.Metadata (GetCatalogState, SetCatalogState) import Hasura.RQL.Types.OpenTelemetry import Hasura.RQL.Types.QueryCollection -import Hasura.RQL.Types.Roles import Hasura.RQL.Types.ScheduledTrigger import Hasura.RemoteSchema.MetadataAPI import Hasura.SQL.AnyBackend diff --git a/server/src-lib/Hasura/Server/API/Query.hs b/server/src-lib/Hasura/Server/API/Query.hs index 54b6406a0e14f..2f021439b2fb3 100644 --- a/server/src-lib/Hasura/Server/API/Query.hs +++ b/server/src-lib/Hasura/Server/API/Query.hs @@ -13,6 +13,7 @@ import Data.Aeson.Casing qualified as J (snakeCase) import Data.Environment qualified as Env import Data.Has (Has) import Hasura.App.State +import Hasura.Authentication.User (UserInfoM) import Hasura.Backends.Postgres.DDL.RunSQL import Hasura.Base.Error import Hasura.EncJSON @@ -58,7 +59,6 @@ import Hasura.RemoteSchema.MetadataAPI import Hasura.Server.Types import Hasura.Server.Utils import Hasura.Services -import Hasura.Session import Hasura.Tracing qualified as Tracing data RQLQueryV1 diff --git a/server/src-lib/Hasura/Server/API/V2Query.hs b/server/src-lib/Hasura/Server/API/V2Query.hs index e65d49935c0dd..6ec03917f487f 100644 --- a/server/src-lib/Hasura/Server/API/V2Query.hs +++ b/server/src-lib/Hasura/Server/API/V2Query.hs @@ -16,6 +16,7 @@ import Data.Aeson.Types (Parser) import Data.Text qualified as T import GHC.Generics.Extended (constrName) import Hasura.App.State +import Hasura.Authentication.User (UserInfoM) import Hasura.Backends.BigQuery.DDL.RunSQL qualified as BigQuery import Hasura.Backends.DataConnector.Adapter.RunSQL qualified as DataConnector import Hasura.Backends.DataConnector.Adapter.Types (DataConnectorName, mkDataConnectorName) @@ -48,7 +49,6 @@ import Hasura.RQL.Types.SchemaCache.Build import Hasura.RQL.Types.Source import Hasura.Server.Types import Hasura.Services -import Hasura.Session import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as GQL diff --git a/server/src-lib/Hasura/Server/App.hs b/server/src-lib/Hasura/Server/App.hs index c578c42f19ccd..20ea825e11490 100644 --- a/server/src-lib/Hasura/Server/App.hs +++ b/server/src-lib/Hasura/Server/App.hs @@ -54,6 +54,9 @@ import Data.Text.Lazy qualified as LT import Data.Text.Lazy.Encoding qualified as TL import GHC.Stats.Extended qualified as RTS import Hasura.App.State +import Hasura.Authentication.Headers +import Hasura.Authentication.Role (adminRoleName, roleNameToTxt) +import Hasura.Authentication.User (ExtraUserInfo (..), UserInfo (..), UserInfoM, askUserInfo) import Hasura.Backends.DataConnector.API (openApiSchema) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Backends.Postgres.Execute.Types @@ -82,7 +85,6 @@ import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common (SQLGenCtx (..)) import Hasura.RQL.Types.Endpoint as EP import Hasura.RQL.Types.OpenTelemetry (getOtelTracesPropagator) -import Hasura.RQL.Types.Roles (adminRoleName, roleNameToTxt) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.Source import Hasura.Server.API.Config (runGetConfig) @@ -109,7 +111,6 @@ import Hasura.Server.Types import Hasura.Server.Utils import Hasura.Server.Version import Hasura.Services -import Hasura.Session (ExtraUserInfo (..), UserInfo (..), UserInfoM, askUserInfo) import Hasura.Tracing (MonadTrace) import Hasura.Tracing qualified as Tracing import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Server/Auth.hs b/server/src-lib/Hasura/Server/Auth.hs index 54072696e4960..9460188573671 100644 --- a/server/src-lib/Hasura/Server/Auth.hs +++ b/server/src-lib/Hasura/Server/Auth.hs @@ -39,15 +39,16 @@ import Data.IORef (newIORef, readIORef) import Data.List qualified as L import Data.Text.Encoding qualified as T import Data.Time.Clock (UTCTime, getCurrentTime) +import Hasura.Authentication.Headers +import Hasura.Authentication.Role (RoleName, adminRoleName) +import Hasura.Authentication.Session (getSessionVariableValue, mkSessionVariablesHeaders) +import Hasura.Authentication.User (ExtraUserInfo, UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkUserInfo) import Hasura.Base.Error import Hasura.GraphQL.Transport.HTTP.Protocol (ReqsText) import Hasura.Logging import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.Server.Auth.JWT hiding (processJwt_) import Hasura.Server.Auth.WebHook -import Hasura.Server.Utils -import Hasura.Session (ExtraUserInfo, UserAdminSecret (..), UserInfo, UserRoleBuild (..), getSessionVariableValue, mkSessionVariablesHeaders, mkUserInfo) import Hasura.Tracing qualified as Tracing import Network.HTTP.Client qualified as HTTP import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Server/Auth/JWT.hs b/server/src-lib/Hasura/Server/Auth/JWT.hs index e2f4fbb244dcd..b272cad7d766d 100644 --- a/server/src-lib/Hasura/Server/Auth/JWT.hs +++ b/server/src-lib/Hasura/Server/Auth/JWT.hs @@ -89,20 +89,18 @@ import Data.Time.Clock getCurrentTime, ) import GHC.AssertNF.CPP +import Hasura.Authentication.Header (getRequestHeader) +import Hasura.Authentication.Headers (userRoleHeader) +import Hasura.Authentication.Role (RoleName, mkRoleName) +import Hasura.Authentication.Session (SessionVariable, SessionVariableValue, isSessionVariable, mkSessionVariable, mkSessionVariablesHeaders, mkSessionVariablesText, sessionVariableToText) +import Hasura.Authentication.User (UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkUserInfo) import Hasura.Base.Error import Hasura.HTTP import Hasura.Logging (Hasura, LogLevel (..), Logger (..)) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName, mkRoleName) import Hasura.Server.Auth.JWT.Internal (parseEdDSAKey, parseEsKey, parseHmacKey, parseRsaKey) import Hasura.Server.Auth.JWT.Logging -import Hasura.Server.Utils - ( executeJSONPath, - getRequestHeader, - isSessionVariable, - userRoleHeader, - ) -import Hasura.Session (SessionVariable, SessionVariableValue, UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkSessionVariable, mkSessionVariablesHeaders, mkSessionVariablesText, mkUserInfo, sessionVariableToText) +import Hasura.Server.Utils (executeJSONPath) import Network.HTTP.Client.Transformable qualified as HTTP import Network.HTTP.Types as N import Network.URI.Extended (URI) diff --git a/server/src-lib/Hasura/Server/Auth/WebHook.hs b/server/src-lib/Hasura/Server/Auth/WebHook.hs index edb98b1cfd21d..2c2969aa81d68 100644 --- a/server/src-lib/Hasura/Server/Auth/WebHook.hs +++ b/server/src-lib/Hasura/Server/Auth/WebHook.hs @@ -16,14 +16,15 @@ import Data.Parser.CacheControl (parseMaxAge) import Data.Parser.Expires import Data.Text qualified as T import Data.Time.Clock (UTCTime, addUTCTime, getCurrentTime) +import Hasura.Authentication.Headers (commonClientHeadersIgnored) +import Hasura.Authentication.Session (mkSessionVariablesText) +import Hasura.Authentication.User (UserAdminSecret (..), UserInfo, UserRoleBuild (..), mkUserInfo) import Hasura.Base.Error import Hasura.GraphQL.Transport.HTTP.Protocol qualified as GH import Hasura.HTTP import Hasura.Logging import Hasura.Prelude import Hasura.Server.Logging -import Hasura.Server.Utils -import Hasura.Session import Hasura.Tracing qualified as Tracing import Network.HTTP.Client.Transformable qualified as HTTP import Network.Wreq qualified as Wreq diff --git a/server/src-lib/Hasura/Server/Compression.hs b/server/src-lib/Hasura/Server/Compression.hs index c0abe796f3d6c..9732b644eb823 100644 --- a/server/src-lib/Hasura/Server/Compression.hs +++ b/server/src-lib/Hasura/Server/Compression.hs @@ -17,8 +17,8 @@ import Data.ByteString qualified as BS import Data.ByteString.Lazy qualified as BL import Data.Set qualified as Set import Data.Text qualified as T +import Hasura.Authentication.Headers (gzipHeader) import Hasura.Prelude -import Hasura.Server.Utils (gzipHeader) import Network.HTTP.Types.Header qualified as NH -- | Compressed encodings which hasura supports diff --git a/server/src-lib/Hasura/Server/Init/Arg/Command/Serve.hs b/server/src-lib/Hasura/Server/Init/Arg/Command/Serve.hs index fd860a6d88f07..ced9a6140ce86 100644 --- a/server/src-lib/Hasura/Server/Init/Arg/Command/Serve.hs +++ b/server/src-lib/Hasura/Server/Init/Arg/Command/Serve.hs @@ -85,6 +85,8 @@ import Data.HashSet qualified as HashSet import Data.Text qualified as Text import Data.Time qualified as Time import Database.PG.Query qualified as Query +import Hasura.Authentication.Role (RoleName) +import Hasura.Authentication.Role qualified as Roles import Hasura.Backends.Postgres.Connection.MonadTx qualified as MonadTx import Hasura.Cache.Bounded qualified as Bounded import Hasura.GraphQL.Execute.Subscription.Options qualified as Subscription.Options @@ -93,8 +95,6 @@ import Hasura.NativeQuery.Validation qualified as NativeQuery import Hasura.Prelude import Hasura.RQL.Types.Metadata (MetadataDefaults, emptyMetadataDefaults) import Hasura.RQL.Types.NamingCase qualified as NC -import Hasura.RQL.Types.Roles (RoleName) -import Hasura.RQL.Types.Roles qualified as Roles import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.Server.Auth qualified as Auth import Hasura.Server.Cors qualified as Cors diff --git a/server/src-lib/Hasura/Server/Init/Config.hs b/server/src-lib/Hasura/Server/Init/Config.hs index 9d5e14d20ae1c..a0b9104d70144 100644 --- a/server/src-lib/Hasura/Server/Init/Config.hs +++ b/server/src-lib/Hasura/Server/Init/Config.hs @@ -87,6 +87,7 @@ import Data.Text qualified as Text import Data.Time qualified as Time import Data.URL.Template qualified as Template import Database.PG.Query qualified as Query +import Hasura.Authentication.Role (RoleName, adminRoleName) import Hasura.Backends.Postgres.Connection.MonadTx qualified as MonadTx import Hasura.GraphQL.Execute.Subscription.Options qualified as Subscription.Options import Hasura.Logging qualified as Logging @@ -95,7 +96,6 @@ import Hasura.Prelude import Hasura.RQL.Types.Common qualified as Common import Hasura.RQL.Types.Metadata (MetadataDefaults) import Hasura.RQL.Types.NamingCase (NamingCase) -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Schema.Options import Hasura.Server.Auth qualified as Auth import Hasura.Server.Cors qualified as Cors diff --git a/server/src-lib/Hasura/Server/Init/Env.hs b/server/src-lib/Hasura/Server/Init/Env.hs index 55dec0b7089b7..d2c90186ee0e6 100644 --- a/server/src-lib/Hasura/Server/Init/Env.hs +++ b/server/src-lib/Hasura/Server/Init/Env.hs @@ -30,6 +30,7 @@ import Data.Text qualified as Text import Data.Time qualified as Time import Data.URL.Template qualified as Template import Database.PG.Query qualified as Query +import Hasura.Authentication.Role (RoleName, mkRoleName) import Hasura.Backends.Postgres.Connection.MonadTx (ExtensionsSchema) import Hasura.Backends.Postgres.Connection.MonadTx qualified as MonadTx import Hasura.Cache.Bounded qualified as Cache @@ -40,7 +41,6 @@ import Hasura.Prelude import Hasura.RQL.Types.Metadata (Metadata, MetadataDefaults (..)) import Hasura.RQL.Types.NamingCase (NamingCase) import Hasura.RQL.Types.NamingCase qualified as NamingCase -import Hasura.RQL.Types.Roles (RoleName, mkRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.Server.Auth qualified as Auth import Hasura.Server.Cors qualified as Cors diff --git a/server/src-lib/Hasura/Server/Limits.hs b/server/src-lib/Hasura/Server/Limits.hs index 02b59a38433d8..3fb96e6ba9fea 100644 --- a/server/src-lib/Hasura/Server/Limits.hs +++ b/server/src-lib/Hasura/Server/Limits.hs @@ -5,11 +5,11 @@ module Hasura.Server.Limits where import Control.Monad.Trans.Control (MonadBaseControl) +import Hasura.Authentication.User (UserInfo) import Hasura.Base.Error import Hasura.Prelude import Hasura.RQL.Types.ApiLimit (ApiLimit) import Hasura.Server.Types qualified as HGE -import Hasura.Session (UserInfo) import Hasura.Tracing qualified as Tracing -- | Resource limits, represented by a function which modifies IO actions to diff --git a/server/src-lib/Hasura/Server/Logging.hs b/server/src-lib/Hasura/Server/Logging.hs index 6432b2935b470..72ce73af948da 100644 --- a/server/src-lib/Hasura/Server/Logging.hs +++ b/server/src-lib/Hasura/Server/Logging.hs @@ -47,6 +47,8 @@ import Data.List.NonEmpty qualified as NE import Data.SerializableBlob qualified as SB import Data.Text qualified as T import Data.Text.Extended +import Hasura.Authentication.Session (SessionVariables) +import Hasura.Authentication.User (ExtraUserInfo, UserInfo (..)) import Hasura.Base.Error import Hasura.GraphQL.ParameterizedQueryHash import Hasura.GraphQL.Transport.HTTP.Protocol qualified as GH @@ -64,7 +66,6 @@ import Hasura.Server.Utils deprecatedEnvVars, envVarsMovedToMetadata, ) -import Hasura.Session import Hasura.Tracing (TraceT) import Network.HTTP.Types qualified as HTTP import Network.Wai.Extended qualified as Wai diff --git a/server/src-lib/Hasura/Server/Middleware.hs b/server/src-lib/Hasura/Server/Middleware.hs index 5fafd89c2f202..e39843326f473 100644 --- a/server/src-lib/Hasura/Server/Middleware.hs +++ b/server/src-lib/Hasura/Server/Middleware.hs @@ -9,10 +9,10 @@ import Data.ByteString qualified as B import Data.CaseInsensitive qualified as CI import Data.IORef import Data.Text.Encoding qualified as TE +import Hasura.Authentication.Header (getRequestHeader) import Hasura.CachedTime import Hasura.Prelude import Hasura.Server.Cors -import Hasura.Server.Utils import Network.HTTP.Types qualified as HTTP import Network.Wai diff --git a/server/src-lib/Hasura/Server/Rest.hs b/server/src-lib/Hasura/Server/Rest.hs index dbd444e1e1984..76616a9663b39 100644 --- a/server/src-lib/Hasura/Server/Rest.hs +++ b/server/src-lib/Hasura/Server/Rest.hs @@ -14,6 +14,7 @@ import Data.Text qualified as T import Data.Text.Encoding qualified as T import Data.Text.Extended import Data.These (These (..)) +import Hasura.Authentication.User (UserInfo) import Hasura.Backends.DataConnector.Agent.Client (AgentLicenseKey) import Hasura.Base.Error import Hasura.CredentialCache @@ -40,7 +41,6 @@ import Hasura.Server.Name qualified as Name import Hasura.Server.Prometheus (PrometheusMetrics) import Hasura.Server.Types import Hasura.Services -import Hasura.Session import Hasura.Tracing qualified as Tracing import Language.GraphQL.Draft.Syntax qualified as G import Network.HTTP.Types qualified as HTTP diff --git a/server/src-lib/Hasura/Server/Telemetry.hs b/server/src-lib/Hasura/Server/Telemetry.hs index c0f503ceb9f69..a7f2c35522f12 100644 --- a/server/src-lib/Hasura/Server/Telemetry.hs +++ b/server/src-lib/Hasura/Server/Telemetry.hs @@ -39,6 +39,7 @@ import Data.Text qualified as T import Data.Text.Conversions (UTF8 (..), decodeText) import Data.Text.Extended (toTxt) import Hasura.App.State qualified as State +import Hasura.Authentication.Role (RoleName) import Hasura.HTTP import Hasura.Logging import Hasura.LogicalModel.Cache (LogicalModelInfo) @@ -51,7 +52,6 @@ import Hasura.RQL.Types.Common import Hasura.RQL.Types.CustomTypes import Hasura.RQL.Types.Metadata.Instances () import Hasura.RQL.Types.Relationships.Local -import Hasura.RQL.Types.Roles (RoleName) import Hasura.RQL.Types.SchemaCache import Hasura.RQL.Types.Source import Hasura.SQL.AnyBackend qualified as Any diff --git a/server/src-lib/Hasura/Server/Types.hs b/server/src-lib/Hasura/Server/Types.hs index 69e0ba46d133b..8c160171832a5 100644 --- a/server/src-lib/Hasura/Server/Types.hs +++ b/server/src-lib/Hasura/Server/Types.hs @@ -44,11 +44,13 @@ import Data.Aeson.Lens import Data.Aeson.TH qualified as J import Data.Text (intercalate, unpack) import Database.PG.Query qualified as PG +import Hasura.Authentication.Header (getRequestHeader) +import Hasura.Authentication.Headers import Hasura.GraphQL.Transport.HTTP.Protocol qualified as GH import Hasura.Prelude hiding (intercalate) import Hasura.RQL.Types.ApiLimit import Hasura.Server.Init.FeatureFlag (CheckFeatureFlag (..)) -import Hasura.Server.Utils +import Hasura.Server.Utils (generateFingerprint) import Network.HTTP.Types qualified as HTTP newtype RequestId = RequestId {unRequestId :: Text} diff --git a/server/src-lib/Hasura/Server/Utils.hs b/server/src-lib/Hasura/Server/Utils.hs index a283f2353140b..0291ce7642f92 100644 --- a/server/src-lib/Hasura/Server/Utils.hs +++ b/server/src-lib/Hasura/Server/Utils.hs @@ -4,42 +4,23 @@ module Hasura.Server.Utils ( APIVersion (..), DeprecatedEnvVars (..), EnvVarsMovedToMetadata (..), - adminSecretHeader, - commonClientHeadersIgnored, cryptoHash, - deprecatedAccessKeyHeader, deprecatedEnvVars, englishList, envVarsMovedToMetadata, executeJSONPath, - filterHeaders, fmapL, generateFingerprint, - getRequestHeader, - gzipHeader, httpExceptToJSON, isReqUserId, - isSessionVariable, - jsonHeader, makeReasonMessage, - mkClientHeadersForward, - mkSetCookieHeaders, parseConnLifeTime, - parseStringAsBool, quoteRegex, readIsoLevel, - redactSensitiveHeader, - requestIdHeader, - sqlHeader, - useBackendOnlyPermissionsHeader, - userIdHeader, - userRoleHeader, - contentLengthHeader, sessionVariablePrefix, ) where -import Control.Lens ((^..)) import Crypto.Hash qualified as Crypto import Data.Aeson import Data.Aeson qualified as J @@ -48,9 +29,6 @@ import Data.ByteArray (convert) import Data.ByteString qualified as B import Data.ByteString.Base16 qualified as Base16 import Data.ByteString.Lazy qualified as BL -import Data.CaseInsensitive qualified as CI -import Data.Char -import Data.HashSet qualified as Set import Data.List.NonEmpty qualified as NE import Data.Text qualified as T import Data.Text.Extended @@ -61,67 +39,12 @@ import Data.Vector qualified as V import Database.PG.Query qualified as PG import Hasura.Base.Instances () import Hasura.Prelude -import Hasura.RQL.Types.Session (isSessionVariable) import Language.Haskell.TH.Syntax qualified as TH import Network.HTTP.Client qualified as HC -import Network.HTTP.Types qualified as HTTP -import Network.Wreq qualified as Wreq import Text.Regex.TDFA qualified as TDFA import Text.Regex.TDFA.ReadRegex qualified as TDFA import Text.Regex.TDFA.TDFA qualified as TDFA -jsonHeader :: HTTP.Header -jsonHeader = ("Content-Type", "application/json; charset=utf-8") - -sqlHeader :: HTTP.Header -sqlHeader = ("Content-Type", "application/sql; charset=utf-8") - -gzipHeader :: HTTP.Header -gzipHeader = ("Content-Encoding", "gzip") - -userRoleHeader :: (IsString a) => a -userRoleHeader = "x-hasura-role" - -deprecatedAccessKeyHeader :: (IsString a) => a -deprecatedAccessKeyHeader = "x-hasura-access-key" - -adminSecretHeader :: (IsString a) => a -adminSecretHeader = "x-hasura-admin-secret" - -userIdHeader :: (IsString a) => a -userIdHeader = "x-hasura-user-id" - -requestIdHeader :: (IsString a) => a -requestIdHeader = "x-request-id" - -contentLengthHeader :: (IsString a) => a -contentLengthHeader = "Content-Length" - -useBackendOnlyPermissionsHeader :: (IsString a) => a -useBackendOnlyPermissionsHeader = "x-hasura-use-backend-only-permissions" - -getRequestHeader :: HTTP.HeaderName -> [HTTP.Header] -> Maybe B.ByteString -getRequestHeader hdrName hdrs = snd <$> mHeader - where - mHeader = find (\h -> fst h == hdrName) hdrs - -parseStringAsBool :: String -> Either String Bool -parseStringAsBool t - | map toLower t `elem` truthVals = Right True - | map toLower t `elem` falseVals = Right False - | otherwise = Left errMsg - where - truthVals = ["true", "t", "yes", "y"] - falseVals = ["false", "f", "no", "n"] - - errMsg = - " Not a valid boolean text. " - ++ "True values are " - ++ show truthVals - ++ " and False values are " - ++ show falseVals - ++ ". All values are case insensitive" - {- NOTE: Something like this is not safe in the presence of caching. The only way for metaprogramming to depend on some external data and recompile properly is via addDependentFile and to include that file in the @@ -183,56 +106,12 @@ httpExceptToJSON e = case e of showProxy (HC.Proxy h p) = "host: " <> bsToTxt h <> " port: " <> tshow p --- ignore the following request headers from the client -commonClientHeadersIgnored :: (IsString a) => [a] -commonClientHeadersIgnored = - [ "Content-Length", - "Content-MD5", - "User-Agent", - "Host", - "Origin", - "Referer", - "Accept", - "Accept-Encoding", - "Accept-Language", - "Accept-Datetime", - "Cache-Control", - "Connection", - "DNT", - "Content-Type" - ] - sessionVariablePrefix :: Text sessionVariablePrefix = "x-hasura-" isReqUserId :: Text -> Bool isReqUserId = (== "req_user_id") . T.toLower -mkClientHeadersForward :: [HTTP.Header] -> [HTTP.Header] -mkClientHeadersForward reqHeaders = - xForwardedHeaders <> (filterSessionVariables . filterRequestHeaders) reqHeaders - where - filterSessionVariables = filter (\(k, _) -> not $ isSessionVariable $ bsToTxt $ CI.original k) - xForwardedHeaders = flip mapMaybe reqHeaders $ \(hdrName, hdrValue) -> - case hdrName of - "Host" -> Just ("X-Forwarded-Host", hdrValue) - "User-Agent" -> Just ("X-Forwarded-User-Agent", hdrValue) - "Origin" -> Just ("X-Forwarded-Origin", hdrValue) - _ -> Nothing - -mkSetCookieHeaders :: Wreq.Response a -> HTTP.ResponseHeaders -mkSetCookieHeaders resp = - map (headerName,) $ resp ^.. Wreq.responseHeader headerName - where - headerName = "Set-Cookie" - -filterRequestHeaders :: [HTTP.Header] -> [HTTP.Header] -filterRequestHeaders = - filterHeaders $ Set.fromList commonClientHeadersIgnored - -filterHeaders :: Set.HashSet HTTP.HeaderName -> [HTTP.Header] -> [HTTP.Header] -filterHeaders list = filter (\(n, _) -> not $ n `Set.member` list) - -- | The version integer data APIVersion = VIVersion1 @@ -335,14 +214,3 @@ deprecatedEnvVars = "HASURA_GRAPHQL_QUERY_PLAN_CACHE_SIZE", "HASURA_GRAPHQL_STRIPES_PER_READ_REPLICA" ] - -sensitiveHeaders :: HashSet HTTP.HeaderName -sensitiveHeaders = - Set.fromList - [ "Access-Token", - "Authorization", - "Cookie" - ] - -redactSensitiveHeader :: HTTP.Header -> HTTP.Header -redactSensitiveHeader (headerName, value) = (headerName, if headerName `elem` sensitiveHeaders then "" else value) diff --git a/server/src-lib/Hasura/Session.hs b/server/src-lib/Hasura/Session.hs deleted file mode 100644 index a9faa6a66f7c1..0000000000000 --- a/server/src-lib/Hasura/Session.hs +++ /dev/null @@ -1,148 +0,0 @@ -module Hasura.Session - ( SessionVariable, - mkSessionVariable, - SessionVariables, - filterSessionVariables, - SessionVariableValue, - sessionVariableToText, - sessionVariableToGraphQLName, - mkSessionVariablesText, - mkSessionVariablesHeaders, - sessionVariablesToHeaders, - getSessionVariableValue, - getSessionVariablesSet, - getSessionVariables, - UserAdminSecret (..), - UserRoleBuild (..), - UserInfo (..), - UserInfoM (..), - askCurRole, - mkUserInfo, - adminUserInfo, - BackendOnlyFieldAccess (..), - ExtraUserInfo (..), - maybeRoleFromSessionVariables, - ) -where - -import Data.CaseInsensitive qualified as CI -import Data.HashMap.Strict qualified as HashMap -import Data.HashSet qualified as Set -import Data.Text qualified as T -import Hasura.Base.Error -import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleName, roleNameToTxt) -import Hasura.RQL.Types.Session (BackendOnlyFieldAccess (..), ExtraUserInfo (..), SessionVariable (..), SessionVariableValue, SessionVariables (..), UserInfo (..), UserInfoM (..), UserRoleBuild (..), isSessionVariableCI, mkSessionVariable, mkSessionVariablesText, sessionVariableToText) -import Hasura.Server.Utils -import Language.GraphQL.Draft.Syntax qualified as G -import Network.HTTP.Types qualified as HTTP - --- | Converts a `SessionVariable` value to a GraphQL name. --- This will fail if the session variable contains characters that are not valid --- for a graphql names. It is the caller's responsibility to decide what to do --- in such a case. -sessionVariableToGraphQLName :: SessionVariable -> Maybe G.Name -sessionVariableToGraphQLName = G.mkName . T.replace "-" "_" . sessionVariableToText - -filterSessionVariables :: - (SessionVariable -> SessionVariableValue -> Bool) -> - SessionVariables -> - SessionVariables -filterSessionVariables f = SessionVariables . HashMap.filterWithKey f . unSessionVariables - -mkSessionVariablesHeaders :: [HTTP.Header] -> SessionVariables -mkSessionVariablesHeaders = - SessionVariables - . HashMap.fromList - . map (first SessionVariable) - . filter (isSessionVariableCI . fst) -- Only x-hasura-* headers - . map (CI.map bsToTxt *** bsToTxt) - ----- Something like this a little faster, but I expect some test failures --- . map (lowerToTxt *** bsToTxt) --- where --- -- NOTE: this throws away the original, vs 'CI.map bsToTxt' --- lowerToTxt = CI.unsafeMk . bsToTxt . CI.foldedCase - -sessionVariablesToHeaders :: SessionVariables -> [HTTP.Header] -sessionVariablesToHeaders = - map ((CI.map txtToBs . unSessionVariable) *** txtToBs) - . HashMap.toList - . unSessionVariables - -getSessionVariables :: SessionVariables -> [Text] -getSessionVariables = map sessionVariableToText . HashMap.keys . unSessionVariables - -getSessionVariablesSet :: SessionVariables -> Set.HashSet SessionVariable -getSessionVariablesSet = HashMap.keysSet . unSessionVariables - -getSessionVariableValue :: SessionVariable -> SessionVariables -> Maybe SessionVariableValue -getSessionVariableValue k = HashMap.lookup k . unSessionVariables - --- | Represent the admin secret state; whether the secret is sent --- in the request or if actually authorization is not configured. -data UserAdminSecret - = UAdminSecretSent - | UAdminSecretNotSent - | UAuthNotSet - deriving (Show, Eq) - -askCurRole :: (UserInfoM m) => m RoleName -askCurRole = _uiRole <$> askUserInfo - --- | Build @'UserInfo' from @'SessionVariables' -mkUserInfo :: - forall m. - (MonadError QErr m) => - UserRoleBuild -> - UserAdminSecret -> - SessionVariables -> - m UserInfo -mkUserInfo roleBuild userAdminSecret sessionVariables = do - roleName <- case roleBuild of - URBFromSessionVariables -> - onNothing maybeSessionRole - $ throw400 InvalidParams - $ userRoleHeader - <> " not found in session variables" - URBFromSessionVariablesFallback roleName' -> pure $ fromMaybe roleName' maybeSessionRole - URBPreDetermined roleName' -> pure roleName' - backendOnlyFieldAccess <- getBackendOnlyFieldAccess - let modifiedSession = modifySessionVariables roleName sessionVariables - pure $ UserInfo roleName modifiedSession backendOnlyFieldAccess - where - maybeSessionRole = maybeRoleFromSessionVariables sessionVariables - - modifySessionVariables :: RoleName -> SessionVariables -> SessionVariables - modifySessionVariables roleName = - SessionVariables - . HashMap.insert userRoleHeader (roleNameToTxt roleName) - . HashMap.delete adminSecretHeader - . HashMap.delete deprecatedAccessKeyHeader - . unSessionVariables - - getBackendOnlyFieldAccess :: m BackendOnlyFieldAccess - getBackendOnlyFieldAccess = case userAdminSecret of - UAdminSecretNotSent -> pure BOFADisallowed - UAdminSecretSent -> lookForBackendOnlyPermissionsConfig - UAuthNotSet -> lookForBackendOnlyPermissionsConfig - where - lookForBackendOnlyPermissionsConfig = - case getSessionVariableValue useBackendOnlyPermissionsHeader sessionVariables of - Nothing -> pure BOFADisallowed - Just varVal -> - case parseStringAsBool (T.unpack varVal) of - Left err -> - throw400 BadRequest - $ useBackendOnlyPermissionsHeader - <> ": " - <> T.pack err - Right privilege -> pure $ if privilege then BOFAAllowed else BOFADisallowed - -maybeRoleFromSessionVariables :: SessionVariables -> Maybe RoleName -maybeRoleFromSessionVariables sessionVariables = - -- returns Nothing if x-hasura-role is an empty string - getSessionVariableValue userRoleHeader sessionVariables >>= mkRoleName - -adminUserInfo :: UserInfo -adminUserInfo = UserInfo adminRoleName mempty BOFADisallowed diff --git a/server/src-lib/Hasura/Table/Cache.hs b/server/src-lib/Hasura/Table/Cache.hs index 7734b29bcaf70..db2c6367d7269 100644 --- a/server/src-lib/Hasura/Table/Cache.hs +++ b/server/src-lib/Hasura/Table/Cache.hs @@ -124,6 +124,7 @@ import Data.Semigroup (Any (..), Max (..)) import Data.Text qualified as T import Data.Text.Casing qualified as C import Data.Text.Extended +import Hasura.Authentication.Role (RoleName, adminRoleName) import Hasura.Backends.Postgres.SQL.Types qualified as Postgres (PGDescription) import Hasura.Base.Error import Hasura.Name qualified as Name @@ -141,7 +142,6 @@ import Hasura.RQL.Types.NamingCase import Hasura.RQL.Types.Permission (AllowedRootFields (..), QueryRootFieldType (..), SubscriptionRootFieldType (..), ValidateInput (..)) import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles (RoleName, adminRoleName) import Hasura.RQL.Types.SourceCustomization import Hasura.SQL.AnyBackend (runBackend) import Language.GraphQL.Draft.Parser qualified as GParse diff --git a/server/src-lib/Hasura/Table/Metadata.hs b/server/src-lib/Hasura/Table/Metadata.hs index 5af4910b886e4..9ded53c857bb1 100644 --- a/server/src-lib/Hasura/Table/Metadata.hs +++ b/server/src-lib/Hasura/Table/Metadata.hs @@ -39,6 +39,7 @@ import Data.HashSet qualified as HS import Data.List.Extended qualified as L import Data.Text qualified as T import Data.Text.Extended qualified as T +import Hasura.Authentication.Role (RoleName) import Hasura.LogicalModel.Types import Hasura.Prelude import Hasura.RQL.Types.Backend @@ -49,7 +50,6 @@ import Hasura.RQL.Types.EventTrigger import Hasura.RQL.Types.Permission import Hasura.RQL.Types.Relationships.Local import Hasura.RQL.Types.Relationships.Remote -import Hasura.RQL.Types.Roles import Hasura.Table.Cache (TableConfig (..), emptyTableConfig) -- | Parse a list of objects into a map from a derived key, diff --git a/server/src-lib/Hasura/Tracing/Monad.hs b/server/src-lib/Hasura/Tracing/Monad.hs index 0fcbe77b7cfb2..c0cb3ef37a87f 100644 --- a/server/src-lib/Hasura/Tracing/Monad.hs +++ b/server/src-lib/Hasura/Tracing/Monad.hs @@ -12,8 +12,8 @@ import Control.Monad.Catch (MonadCatch, MonadMask, MonadThrow) import Control.Monad.Morph import Control.Monad.Trans.Control import Data.IORef +import Hasura.Authentication.User (UserInfoM (..)) import Hasura.Prelude -import Hasura.RQL.Types.Session (UserInfoM (..)) import Hasura.Server.Types (MonadGetPolicies (..)) import Hasura.Tracing.Class import Hasura.Tracing.Context diff --git a/server/src-test/Hasura/SessionSpec.hs b/server/src-test/Hasura/Authentication/SessionSpec.hs similarity index 71% rename from server/src-test/Hasura/SessionSpec.hs rename to server/src-test/Hasura/Authentication/SessionSpec.hs index 6920a3ca63287..8a12cadc39ed0 100644 --- a/server/src-test/Hasura/SessionSpec.hs +++ b/server/src-test/Hasura/Authentication/SessionSpec.hs @@ -1,9 +1,8 @@ -module Hasura.SessionSpec (spec) where +module Hasura.Authentication.SessionSpec (spec) where +import Hasura.Authentication.Session import Hasura.Prelude import Hasura.QuickCheck.Instances () -import Hasura.Server.Utils (isSessionVariable) -import Hasura.Session (sessionVariableToText) import Test.Hspec (Spec, describe, shouldSatisfy) import Test.Hspec.QuickCheck (prop) diff --git a/server/src-test/Hasura/Backends/Postgres/Execute/PrepareSpec.hs b/server/src-test/Hasura/Backends/Postgres/Execute/PrepareSpec.hs index 9649e5025fb8b..47db66d0fffe9 100644 --- a/server/src-test/Hasura/Backends/Postgres/Execute/PrepareSpec.hs +++ b/server/src-test/Hasura/Backends/Postgres/Execute/PrepareSpec.hs @@ -13,6 +13,9 @@ import Data.Aeson.Extended qualified as J (encodeToStrictText) import Data.Foldable (for_) import Data.HashMap.Strict qualified as HashMap import Data.Text.NonEmpty (mkNonEmptyTextUnsafe) +import Hasura.Authentication.Role (mkRoleNameSafe) +import Hasura.Authentication.Session (mkSessionVariablesText) +import Hasura.Authentication.User (BackendOnlyFieldAccess (..), UserInfo (..)) import Hasura.Backends.Postgres.Execute.Prepare import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types (PGScalarType (..)) @@ -23,13 +26,7 @@ import Hasura.GraphQL.Parser.Variable (VariableInfo (..)) import Hasura.RQL.IR.Value (Provenance (..), UnpreparedValue (..)) import Hasura.RQL.Types.BackendType (BackendType (..), PostgresKind (..)) import Hasura.RQL.Types.Column (ColumnType (..), ColumnValue (..)) -import Hasura.RQL.Types.Roles (mkRoleNameSafe) import Hasura.SQL.Types (CollectableType (..)) -import Hasura.Session - ( BackendOnlyFieldAccess (..), - UserInfo (..), - mkSessionVariablesText, - ) import Language.GraphQL.Draft.Syntax.QQ qualified as G import Test.Hspec (Expectation, Spec, describe, it, shouldBe) import Prelude diff --git a/server/src-test/Hasura/GraphQL/Schema/RemoteSpec.hs b/server/src-test/Hasura/GraphQL/Schema/RemoteSpec.hs index 3ce38f18104b0..4b57bfc09f18e 100644 --- a/server/src-test/Hasura/GraphQL/Schema/RemoteSpec.hs +++ b/server/src-test/Hasura/GraphQL/Schema/RemoteSpec.hs @@ -15,6 +15,9 @@ import Data.Text qualified as T import Data.Text.Extended import Data.Text.NonEmpty qualified as NEText import Data.Text.RawString +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (SessionVariables, mkSessionVariable) +import Hasura.Authentication.User (BackendOnlyFieldAccess (..), UserInfo (..)) import Hasura.Base.Error import Hasura.Base.ErrorMessage (ErrorMessage, fromErrorMessage) import Hasura.GraphQL.Execute.Inline @@ -33,11 +36,9 @@ import Hasura.RQL.IR.RemoteSchema import Hasura.RQL.IR.Root import Hasura.RQL.IR.Value import Hasura.RQL.Types.Common -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RemoteSchema.Metadata.Base (RemoteSchemaName (..)) import Hasura.RemoteSchema.SchemaCache -import Hasura.Session (BackendOnlyFieldAccess (..), SessionVariables, UserInfo (..), mkSessionVariable) import Language.GraphQL.Draft.Parser qualified as G import Language.GraphQL.Draft.Syntax qualified as G import Language.GraphQL.Draft.Syntax.QQ qualified as G diff --git a/server/src-test/Hasura/QuickCheck/Instances.hs b/server/src-test/Hasura/QuickCheck/Instances.hs index dfab72491b523..a986d8c20a28f 100644 --- a/server/src-test/Hasura/QuickCheck/Instances.hs +++ b/server/src-test/Hasura/QuickCheck/Instances.hs @@ -13,6 +13,7 @@ import Data.Ratio ((%)) import Data.Set qualified as Set import Data.Text qualified as T import Data.Trie qualified as Trie +import Hasura.Authentication.Session (SessionVariable, mkSessionVariable) import Hasura.Base.Error (QErr (..), QErrExtra (..)) import Hasura.Base.Error qualified as Error import Hasura.GraphQL.Namespace (NamespacedField (..), namespacedField) @@ -31,7 +32,6 @@ import Hasura.RemoteSchema.SchemaCache getTypeName, ) import Hasura.Server.Utils qualified as Utils -import Hasura.Session (SessionVariable, mkSessionVariable) import Hasura.Table.Cache import Language.GraphQL.Draft.Syntax qualified as GraphQL import Network.HTTP.Types qualified as HTTP.Types diff --git a/server/src-test/Hasura/RQL/PermissionSpec.hs b/server/src-test/Hasura/RQL/PermissionSpec.hs index 23121581000e4..915bfaaf44119 100644 --- a/server/src-test/Hasura/RQL/PermissionSpec.hs +++ b/server/src-test/Hasura/RQL/PermissionSpec.hs @@ -2,11 +2,11 @@ module Hasura.RQL.PermissionSpec (spec) where import Data.HashMap.Strict qualified as HashMap import Data.HashSet qualified as Set +import Hasura.Authentication.Role (ParentRoles (..), Role (..), RoleName, mkRoleName) import Hasura.Prelude import Hasura.RQL.DDL.Schema.Cache import Hasura.RQL.DDL.Schema.Cache.Permission import Hasura.RQL.Types.Action -import Hasura.RQL.Types.Roles import Test.Hspec spec :: Spec diff --git a/server/src-test/Hasura/RQL/Types/AllowlistSpec.hs b/server/src-test/Hasura/RQL/Types/AllowlistSpec.hs index 0ffa5416e7739..e385ef92c17ff 100644 --- a/server/src-test/Hasura/RQL/Types/AllowlistSpec.hs +++ b/server/src-test/Hasura/RQL/Types/AllowlistSpec.hs @@ -12,10 +12,10 @@ import Data.List.NonEmpty qualified as NE import Data.Maybe (fromJust) import Data.Text.Extended (toTxt) import Data.Text.NonEmpty (mkNonEmptyTextUnsafe) +import Hasura.Authentication.Role (mkRoleName) import Hasura.Prelude import Hasura.RQL.Types.Allowlist import Hasura.RQL.Types.QueryCollection -import Hasura.RQL.Types.Roles (mkRoleName) import Test.Hspec spec :: Spec diff --git a/server/src-test/Hasura/Server/AuthSpec.hs b/server/src-test/Hasura/Server/AuthSpec.hs index 7fa71d693b9e3..c098c7026075f 100644 --- a/server/src-test/Hasura/Server/AuthSpec.hs +++ b/server/src-test/Hasura/Server/AuthSpec.hs @@ -18,15 +18,17 @@ import Data.HashMap.Strict qualified as HashMap import Data.HashSet qualified as Set import Data.Parser.JSONPath import Data.Text qualified as T +import Hasura.Authentication.Headers +import Hasura.Authentication.Role (RoleName, adminRoleName, mkRoleName) +import Hasura.Authentication.Session (mkSessionVariable, mkSessionVariablesHeaders, sessionVariableToText) +import Hasura.Authentication.User (UserAdminSecret (..), UserInfo (..), UserRoleBuild (..), mkUserInfo) import Hasura.Base.Error import Hasura.GraphQL.Transport.HTTP.Protocol (ReqsText) import Hasura.Logging (Logger (..)) import Hasura.Prelude -import Hasura.RQL.Types.Roles (RoleName, adminRoleName, mkRoleName) import Hasura.Server.Auth hiding (getUserInfoWithExpTime, processJwt) import Hasura.Server.Auth.JWT hiding (processJwt) -import Hasura.Server.Utils -import Hasura.Session (UserAdminSecret (..), UserInfo (..), UserRoleBuild (..), mkSessionVariable, mkSessionVariablesHeaders, mkUserInfo, sessionVariableToText) +import Hasura.Server.Utils () import Network.HTTP.Client qualified as HTTP import Network.HTTP.Types qualified as HTTP import Test.Hspec diff --git a/server/src-test/Hasura/Server/Init/ArgSpec.hs b/server/src-test/Hasura/Server/Init/ArgSpec.hs index 0f050e6369c5b..206e50f1b87ec 100644 --- a/server/src-test/Hasura/Server/Init/ArgSpec.hs +++ b/server/src-test/Hasura/Server/Init/ArgSpec.hs @@ -14,12 +14,12 @@ import Data.HashSet qualified as Set import Data.Time (NominalDiffTime) import Data.URL.Template qualified as Template import Database.PG.Query qualified as PG +import Hasura.Authentication.Role qualified as Roles import Hasura.GraphQL.Execute.Subscription.Options qualified as ES import Hasura.Logging qualified as Logging import Hasura.Prelude import Hasura.RQL.Types.Metadata (Metadata, MetadataDefaults (..), overrideMetadataDefaults, _metaBackendConfigs) import Hasura.RQL.Types.NamingCase qualified as NC -import Hasura.RQL.Types.Roles qualified as Roles import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.BackendMap qualified as BackendMap import Hasura.Server.Auth qualified as Auth diff --git a/server/src-test/Hasura/Server/InitSpec.hs b/server/src-test/Hasura/Server/InitSpec.hs index 290fe2db83608..a56292fa77ce6 100644 --- a/server/src-test/Hasura/Server/InitSpec.hs +++ b/server/src-test/Hasura/Server/InitSpec.hs @@ -10,13 +10,13 @@ where import Data.HashSet qualified as Set import Data.Time (NominalDiffTime) import Database.PG.Query qualified as Query +import Hasura.Authentication.Role qualified as Roles import Hasura.GraphQL.Execute.Subscription.Options qualified as Subscription.Options import Hasura.Logging (Hasura) import Hasura.Logging qualified as Logging import Hasura.NativeQuery.Validation qualified as NativeQuery import Hasura.Prelude import Hasura.RQL.Types.NamingCase qualified as NamingCase -import Hasura.RQL.Types.Roles qualified as Roles import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.SQL.Types qualified as MonadTx import Hasura.Server.Auth qualified as Auth diff --git a/server/src-test/Test/Backend/Postgres/Misc.hs b/server/src-test/Test/Backend/Postgres/Misc.hs index a29ed41777d11..48c3201bbb1a4 100644 --- a/server/src-test/Test/Backend/Postgres/Misc.hs +++ b/server/src-test/Test/Backend/Postgres/Misc.hs @@ -16,6 +16,9 @@ module Test.Backend.Postgres.Misc ) where +import Hasura.Authentication.Role (adminRoleName) +import Hasura.Authentication.Session (SessionVariables) +import Hasura.Authentication.User (BackendOnlyFieldAccess (..), UserInfo (..)) import Hasura.Backends.Postgres.SQL.DML qualified as S import Hasura.Backends.Postgres.SQL.Types (PGScalarType (..)) import Hasura.Backends.Postgres.SQL.Value (PGScalarValue (..), txtEncoder, withScalarTypeAnn) @@ -23,8 +26,6 @@ import Hasura.Prelude import Hasura.RQL.IR.Value (Provenance (FreshVar), UnpreparedValue (..)) import Hasura.RQL.Types.BackendType (BackendType (Postgres), PostgresKind (Vanilla)) import Hasura.RQL.Types.Column (ColumnInfo, ColumnType (..), ColumnValue (..)) -import Hasura.RQL.Types.Roles (adminRoleName) -import Hasura.RQL.Types.Session (BackendOnlyFieldAccess (BOFADisallowed), SessionVariables, UserInfo (..)) import Test.Parser.Expectation qualified as Expect type PG = 'Postgres 'Vanilla diff --git a/server/src-test/Test/Parser/Monad.hs b/server/src-test/Test/Parser/Monad.hs index 76bf406ec37a2..45688ba4f0470 100644 --- a/server/src-test/Test/Parser/Monad.hs +++ b/server/src-test/Test/Parser/Monad.hs @@ -16,6 +16,7 @@ import Data.Aeson.Types (JSONPathElement) import Data.Has (Has (..)) import Data.Text qualified as T import GHC.Stack +import Hasura.Authentication.Role (adminRoleName) import Hasura.Base.Error (QErr) import Hasura.Base.ErrorMessage import Hasura.GraphQL.Parser.Class @@ -25,7 +26,6 @@ import Hasura.GraphQL.Schema.Typename import Hasura.Prelude import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.NamingCase -import Hasura.RQL.Types.Roles (adminRoleName) import Hasura.RQL.Types.Schema.Options (SchemaOptions (..)) import Hasura.RQL.Types.Schema.Options qualified as Options import Hasura.RQL.Types.Source (SourceInfo) diff --git a/server/test-postgres/Test/Hasura/Server/MigrateSuite.hs b/server/test-postgres/Test/Hasura/Server/MigrateSuite.hs index ceff7a6f40e27..48dc327d344e6 100644 --- a/server/test-postgres/Test/Hasura/Server/MigrateSuite.hs +++ b/server/test-postgres/Test/Hasura/Server/MigrateSuite.hs @@ -11,6 +11,7 @@ import Data.ByteString.Lazy.UTF8 qualified as LBS import Data.Environment qualified as Env import Data.Time.Clock (getCurrentTime) import Database.PG.Query qualified as PG +import Hasura.Authentication.User (UserInfoM) import Hasura.Backends.Postgres.Connection import Hasura.Base.Error import Hasura.EncJSON @@ -33,7 +34,6 @@ import Hasura.Server.Init (DowngradeOptions (..)) import Hasura.Server.Migrate import Hasura.Server.Types import Hasura.Services.Network -import Hasura.Session import Hasura.Tracing qualified as Tracing import Test.Hspec.Core.Spec import Test.Hspec.Expectations.Lifted diff --git a/server/test-postgres/Test/Hasura/StreamingSubscriptionSuite.hs b/server/test-postgres/Test/Hasura/StreamingSubscriptionSuite.hs index 14cd77c65f399..49a36245c3801 100644 --- a/server/test-postgres/Test/Hasura/StreamingSubscriptionSuite.hs +++ b/server/test-postgres/Test/Hasura/StreamingSubscriptionSuite.hs @@ -17,6 +17,7 @@ import Data.Text.IO qualified as T import Data.UUID qualified as UUID import Data.UUID.V4 qualified as UUID import Database.PG.Query qualified as PG +import Hasura.Authentication.Role (RoleName, mkRoleName) import Hasura.Backends.Postgres.Connection import Hasura.Backends.Postgres.Execute.Subscription (MultiplexedQuery (MultiplexedQuery)) import Hasura.Backends.Postgres.Instances.Transport () @@ -38,7 +39,6 @@ import Hasura.RQL.Types.Backend import Hasura.RQL.Types.BackendType import Hasura.RQL.Types.Common import Hasura.RQL.Types.ResizePool (ResizePoolStrategy (..)) -import Hasura.RQL.Types.Roles (RoleName, mkRoleName) import Hasura.Server.Init (considerEnv, databaseUrlOption, runWithEnv, _envVar) import Hasura.Server.Metrics (createServerMetrics) import Hasura.Server.Prometheus (makeDummyPrometheusMetrics)