From 9f5ed697476a6ff16f609bd141a603548b016ab1 Mon Sep 17 00:00:00 2001
From: Satyam Singh <trueleo@protonmail.com>
Date: Thu, 3 Aug 2023 15:22:42 +0530
Subject: [PATCH 1/2] Make tag in reader role optional

---
 server/src/handlers/http/query.rs |  2 +-
 server/src/rbac/role.rs           | 13 +++++++++----
 2 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/server/src/handlers/http/query.rs b/server/src/handlers/http/query.rs
index 22a4c7fcc..eac411028 100644
--- a/server/src/handlers/http/query.rs
+++ b/server/src/handlers/http/query.rs
@@ -89,7 +89,7 @@ impl FromRequest for Query {
                 match permission {
                     Permission::Stream(Action::All, _) => authorized = true,
                     Permission::StreamWithTag(Action::Query, stream, tag)
-                        if stream == query.stream_name =>
+                        if stream == query.stream_name || stream == "*" =>
                     {
                         authorized = true;
                         if let Some(tag) = tag {
diff --git a/server/src/rbac/role.rs b/server/src/rbac/role.rs
index 62cb3320f..3849662ba 100644
--- a/server/src/rbac/role.rs
+++ b/server/src/rbac/role.rs
@@ -110,7 +110,7 @@ pub mod model {
         Admin,
         Editor,
         Writer { stream: String },
-        Reader { stream: String, tag: String },
+        Reader { stream: String, tag: Option<String> },
     }
 
     impl From<&DefaultPrivilege> for RoleBuilder {
@@ -121,9 +121,14 @@ pub mod model {
                 DefaultPrivilege::Writer { stream } => {
                     writer_perm_builder().with_stream(stream.to_owned())
                 }
-                DefaultPrivilege::Reader { stream, tag } => reader_perm_builder()
-                    .with_stream(stream.to_owned())
-                    .with_tag(tag.to_owned()),
+                DefaultPrivilege::Reader { stream, tag } => {
+                    let mut reader  = reader_perm_builder()
+                    .with_stream(stream.to_owned());
+                    if let Some(tag) = tag {
+                        reader = reader.with_tag(tag.to_owned())
+                    }
+                    reader
+                },
             }
         }
     }

From bf5ae441504c29b129f745c967058e547e9341ca Mon Sep 17 00:00:00 2001
From: Satyam Singh <trueleo@protonmail.com>
Date: Thu, 3 Aug 2023 15:37:30 +0530
Subject: [PATCH 2/2] Cargo fmt

---
 server/src/rbac/role.rs | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/server/src/rbac/role.rs b/server/src/rbac/role.rs
index 3849662ba..ab793de80 100644
--- a/server/src/rbac/role.rs
+++ b/server/src/rbac/role.rs
@@ -122,13 +122,12 @@ pub mod model {
                     writer_perm_builder().with_stream(stream.to_owned())
                 }
                 DefaultPrivilege::Reader { stream, tag } => {
-                    let mut reader  = reader_perm_builder()
-                    .with_stream(stream.to_owned());
+                    let mut reader = reader_perm_builder().with_stream(stream.to_owned());
                     if let Some(tag) = tag {
                         reader = reader.with_tag(tag.to_owned())
                     }
                     reader
-                },
+                }
             }
         }
     }