Make tag in reader role optional (#463)

trueleo · web-flow · commit e2032aba1a35 · 2023-08-03T16:23:35.000+05:30
diff --git a/server/src/handlers/http/query.rs b/server/src/handlers/http/query.rs
@@ -89,7 +89,7 @@ impl FromRequest for Query {
                 match permission {
                     Permission::Stream(Action::All, _) => authorized = true,
                     Permission::StreamWithTag(Action::Query, stream, tag)
-                        if stream == query.stream_name =>
+                        if stream == query.stream_name || stream == "*" =>
                     {
                         authorized = true;
                         if let Some(tag) = tag {
diff --git a/server/src/rbac/role.rs b/server/src/rbac/role.rs
@@ -110,7 +110,7 @@ pub mod model {
         Admin,
         Editor,
         Writer { stream: String },
-        Reader { stream: String, tag: String },
+        Reader { stream: String, tag: Option<String> },
     }
 
     impl From<&DefaultPrivilege> for RoleBuilder {
@@ -121,9 +121,13 @@ pub mod model {
                 DefaultPrivilege::Writer { stream } => {
                     writer_perm_builder().with_stream(stream.to_owned())
                 }
-                DefaultPrivilege::Reader { stream, tag } => reader_perm_builder()
-                    .with_stream(stream.to_owned())
-                    .with_tag(tag.to_owned()),
+                DefaultPrivilege::Reader { stream, tag } => {
+                    let mut reader = reader_perm_builder().with_stream(stream.to_owned());
+                    if let Some(tag) = tag {
+                        reader = reader.with_tag(tag.to_owned())
+                    }
+                    reader
+                }
             }
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -89,7 +89,7 @@ impl FromRequest for Query {`
`89`	`89`	`match permission {`
`90`	`90`	`Permission::Stream(Action::All, _) => authorized = true,`
`91`	`91`	`Permission::StreamWithTag(Action::Query, stream, tag)`
`92`		`- if stream == query.stream_name =>`
	`92`	`+ if stream == query.stream_name \|\| stream == "*" =>`
`93`	`93`	`{`
`94`	`94`	`authorized = true;`
`95`	`95`	`if let Some(tag) = tag {`
Original file line number	Diff line number	Diff line change
`@@ -110,7 +110,7 @@ pub mod model {`
`110`	`110`	`Admin,`
`111`	`111`	`Editor,`
`112`	`112`	`Writer { stream: String },`
`113`		`- Reader { stream: String, tag: String },`
	`113`	`+ Reader { stream: String, tag: Option<String> },`
`114`	`114`	`}`
`115`	`115`
`116`	`116`	`impl From<&DefaultPrivilege> for RoleBuilder {`
`@@ -121,9 +121,13 @@ pub mod model {`
`121`	`121`	`DefaultPrivilege::Writer { stream } => {`
`122`	`122`	`writer_perm_builder().with_stream(stream.to_owned())`
`123`	`123`	`}`
`124`		`- DefaultPrivilege::Reader { stream, tag } => reader_perm_builder()`
`125`		`- .with_stream(stream.to_owned())`
`126`		`- .with_tag(tag.to_owned()),`
	`124`	`+ DefaultPrivilege::Reader { stream, tag } => {`
	`125`	`+ let mut reader = reader_perm_builder().with_stream(stream.to_owned());`
	`126`	`+ if let Some(tag) = tag {`
	`127`	`+ reader = reader.with_tag(tag.to_owned())`
	`128`	`+ }`
	`129`	`+ reader`
	`130`	`+ }`
`127`	`131`	`}`
`128`	`132`	`}`
`129`	`133`	`}`