
Strict ACL parsing without a regex #2587


Merged
merged 23 commits into from
Jun 25, 2025


ttfkam
Contributor

@ttfkam ttfkam commented Jun 20, 2025

Description

Supersedes #2586 per maintainer comments.

Motivation: browsing through the code and saw a simple opportunity.

  • Improve validation on ACL string: prevent "**", "*m", "z", "%", etc.

No new tests. Should only require regression testing.

Performance impact

Minor speed improvement for ACL parsing logic in aggregate due to one less regex.

Security impact

Excludes most invalid ACL input. (Doesn't stop duplicate ACL tokens.)

Checklist

  • My code matches the project's code style and yarn lint:fix passes.
  • I've added tests for the new feature, and yarn test passes.
  • I have detailed the new feature in the relevant documentation.
  • I have added this feature to 'Pending' in the RELEASE_NOTES.md file (if one exists).
  • If this is a breaking change I've explained why.

@github-project-automation github-project-automation bot moved this to 🌳 Triage in V5.0.0 Jun 20, 2025

changeset-bot bot commented Jun 20, 2025

🦋 Changeset detected

Latest commit: 3772a8e

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 6 packages
Name Type
pg-introspection Patch
graphile-build-pg Patch
pgl Patch
graphile-utils Patch
postgraphile Patch
graphile Patch


@ttfkam ttfkam changed the title String ACL parsing without a regex Strict ACL parsing without a regex Jun 20, 2025
Member

@benjie benjie left a comment


This definitely looks more performant - a single loop over the string rather than at least 26! However, it's not as clearly correct as it was - the previous code was very obvious and this code is less so - so it will need some unit tests. Just simple assertions that a number of standard permissions strings with/without role, with/without grants parse correctly. Since pg-introspection doesn't seem to have tests already, please use node:test for them (or mocha/chai if you prefer).

In general we trust permission strings to be valid (we trust Postgres) so I'm not too concerned about malicious permission strings, however Postgres does add new permissions from time to time so it's worth ensuring that the code correctly handles (via an error) a new permission character.

I've included a number of TypeScript improvements, all minor.
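
Added example (not part of this PR or of pg-introspection's code): a single-pass, regex-free parser for a PostgreSQL aclitem string that rejects the malformed inputs listed in the description and throws on an unknown permission character, as the review asks. `parseAclStrict`, `readRole` and `ParsedAcl` are hypothetical names; the privilege letters are PostgreSQL's documented abbreviations.

```typescript
// Added example: hypothetical names, not pg-introspection's own code.
const PRIVILEGES: Record<string, string> = {
  r: "SELECT", w: "UPDATE", a: "INSERT", d: "DELETE", D: "TRUNCATE",
  x: "REFERENCES", t: "TRIGGER", X: "EXECUTE", U: "USAGE", C: "CREATE",
  c: "CONNECT", T: "TEMPORARY", s: "SET", A: "ALTER SYSTEM", m: "MAINTAIN",
};

interface ParsedAcl {
  grantee: string; // "" means PUBLIC
  grantor: string;
  privileges: { name: string; grantable: boolean }[];
}

// Read a role name starting at `pos`; returns the name and the index after it.
function readRole(acl: string, pos: number, stop: string): [string, number] {
  if (acl[pos] !== '"') {
    const end = stop ? acl.indexOf(stop, pos) : acl.length;
    if (end < 0) throw new Error(`Missing '${stop}' in ACL '${acl}'`);
    return [acl.slice(pos, end), end];
  }
  let name = "";
  for (let i = pos + 1; i < acl.length; i++) {
    if (acl[i] !== '"') name += acl[i];
    else if (acl[i + 1] === '"') { name += '"'; i++; } // "" is an escaped quote
    else return [name, i + 1];
  }
  throw new Error(`Unterminated quoted role in ACL '${acl}'`);
}

function parseAclStrict(acl: string): ParsedAcl {
  const [grantee, eq] = readRole(acl, 0, "=");
  if (acl[eq] !== "=") throw new Error(`Expected '=' in ACL '${acl}'`);
  const privileges: ParsedAcl["privileges"] = [];
  let i = eq + 1;
  for (; i < acl.length && acl[i] !== "/"; i++) {
    const ch = acl[i];
    if (ch === "*") {
      const last = privileges[privileges.length - 1];
      if (!last || last.grantable) throw new Error(`Misplaced '*' in ACL '${acl}'`);
      last.grantable = true;
    } else if (Object.prototype.hasOwnProperty.call(PRIVILEGES, ch)) {
      privileges.push({ name: PRIVILEGES[ch], grantable: false });
    } else throw new Error(`Unknown permission '${ch}' in ACL '${acl}'`);
  }
  if (acl[i] !== "/") throw new Error(`Missing grantor in ACL '${acl}'`);
  const [grantor, end] = readRole(acl, i + 1, "");
  if (end !== acl.length || grantor === "") throw new Error(`Bad grantor in ACL '${acl}'`);
  return { grantee, grantor, privileges };
}
```

Like the PR, this does not reject duplicate permission tokens.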

@github-project-automation github-project-automation bot moved this from 🌳 Triage to 🌱 In Progress in V5.0.0 Jun 20, 2025
@benjie benjie force-pushed the ttfkam-strict-acl-parsing branch from bd70431 to e0db4db Compare June 25, 2025 11:42
@benjie benjie changed the base branch from main to minor-acl-refactor June 25, 2025 11:42
@benjie benjie deleted the branch graphile:main June 25, 2025 12:18
@benjie benjie closed this Jun 25, 2025
@github-project-automation github-project-automation bot moved this from 🌱 In Progress to ✅ Done in V5.0.0 Jun 25, 2025
@benjie benjie reopened this Jun 25, 2025
@github-project-automation github-project-automation bot moved this from ✅ Done to 🌱 In Progress in V5.0.0 Jun 25, 2025
@benjie benjie changed the base branch from minor-acl-refactor to main June 25, 2025 12:19
@benjie benjie force-pushed the ttfkam-strict-acl-parsing branch from 2650195 to 9aa2637 Compare June 25, 2025 12:22
benjie
benjie previously approved these changes Jun 25, 2025
Member

@benjie benjie left a comment


Whilst implementing tests for this I discovered we had a bug in the way that we were handling roles containing " characters, and also that our permission string output was in a different order to Postgres'. Both of these are now resolved. Thanks!

@benjie benjie merged commit 11d6e31 into graphile:main Jun 25, 2025
22 checks passed
@github-project-automation github-project-automation bot moved this from 🌱 In Progress to ✅ Done in V5.0.0 Jun 25, 2025
@ttfkam
Contributor Author

ttfkam commented Jun 25, 2025

Hey, sorry for dropping the ball here. I got caught up at work. Thank you for taking this past the finish line.

@ttfkam ttfkam deleted the ttfkam-strict-acl-parsing branch July 14, 2025 02:48