-
Notifications
You must be signed in to change notification settings - Fork 7
/
role.go
123 lines (98 loc) · 2.33 KB
/
role.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
package materialize
import (
"database/sql"
"fmt"
"strings"
"github.com/jmoiron/sqlx"
)
type RoleBuilder struct {
ddl Builder
roleName string
inherit bool
}
func NewRoleBuilder(conn *sqlx.DB, obj MaterializeObject) *RoleBuilder {
return &RoleBuilder{
ddl: Builder{conn, Role},
roleName: obj.Name,
}
}
func (b *RoleBuilder) QualifiedName() string {
return QualifiedName(b.roleName)
}
func (b *RoleBuilder) Inherit() *RoleBuilder {
b.inherit = true
return b
}
func (b *RoleBuilder) Create() error {
q := strings.Builder{}
q.WriteString(fmt.Sprintf(`CREATE ROLE %s`, b.QualifiedName()))
var p []string
// NOINHERIT currently not supported
// https://materialize.com/docs/sql/create-role/#details
if b.inherit {
p = append(p, ` INHERIT`)
}
if len(p) > 0 {
f := strings.Join(p, "")
q.WriteString(f)
}
q.WriteString(`;`)
return b.ddl.exec(q.String())
}
func (b *RoleBuilder) Alter(permission string) error {
q := fmt.Sprintf(`ALTER ROLE %s %s;`, b.QualifiedName(), permission)
return b.ddl.exec(q)
}
func (b *RoleBuilder) Drop() error {
qn := b.QualifiedName()
return b.ddl.drop(qn)
}
type RoleParams struct {
RoleId sql.NullString `db:"id"`
RoleName sql.NullString `db:"role_name"`
Inherit sql.NullBool `db:"inherit"`
Comment sql.NullString `db:"comment"`
}
var roleQuery = NewBaseQuery(`
SELECT
mz_roles.id,
mz_roles.name AS role_name,
mz_roles.inherit,
comments.comment AS comment
FROM mz_roles
LEFT JOIN (
SELECT id, comment
FROM mz_internal.mz_comments
WHERE object_type = 'role'
) comments
ON mz_roles.id = comments.id`)
func RoleId(conn *sqlx.DB, roleName string) (string, error) {
if roleName == "PUBLIC" {
return "p", nil
} else {
p := map[string]string{"mz_roles.name": roleName}
q := roleQuery.QueryPredicate(p)
var c RoleParams
if err := conn.Get(&c, q); err != nil {
return "", err
}
return c.RoleId.String, nil
}
}
func ScanRole(conn *sqlx.DB, id string) (RoleParams, error) {
p := map[string]string{"mz_roles.id": id}
q := roleQuery.QueryPredicate(p)
var c RoleParams
if err := conn.Get(&c, q); err != nil {
return c, err
}
return c, nil
}
func ListRoles(conn *sqlx.DB) ([]RoleParams, error) {
q := roleQuery.QueryPredicate(map[string]string{})
var c []RoleParams
if err := conn.Select(&c, q); err != nil {
return c, err
}
return c, nil
}