Class: GraphStarter::QueryAuthorizer

Inherits:
Object
  • Object
show all
Defined in:
lib/graph_starter/query_authorizer.rb

Instance Method Summary collapse

Constructor Details

#initialize(query_object, filter = nil) ⇒ QueryAuthorizer

Can take:

* a Query
* a Proxy object
* Anything that responds to #query where a `Query` is returned



7
8
9
10
11
12
 
# File 'lib/graph_starter/query_authorizer.rb', line 7

def initialize(query_object, filter = nil)
  validate_query_object!(query_object)

  @query_object = query_object
  @filter = filter
end

Instance Method Details

#authorized_pluck(variable, user) ⇒ Object 



14
15
16
 
# File 'lib/graph_starter/query_authorizer.rb', line 14

def authorized_pluck(variable, user)
  authorized_query(variable, [], user).pluck(variable)
end

#authorized_query(variable, secondary_variables, user) ⇒ Object 



18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
 
# File 'lib/graph_starter/query_authorizer.rb', line 18

def authorized_query(variable, secondary_variables, user)
  result_query = query.with(variable, *secondary_variables)

  result_query = authorized_user_query(result_query, user, variable, secondary_variables)

  # result_query.print_cypher
  # puts result_query.pluck('*').inspect

  list_variables = secondary_variables.map { |variable| "#{variable}_list" }

  # Collapse 2D array of all possible levels into one column of levels
  result_query
    .where_not("'denied' IN level_collection")
    .unwind(level: :level_collection).break
    .with('collect(level) AS levels', variable, *list_variables)
    .with("CASE WHEN 'write' IN levels THEN 'write' ELSE 'read' END AS level", variable, *list_variables)
end