Safe Haskell	Safe-Inferred

IHP.DataSync.RowLevelSecurity

Synopsis

ensureRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO TableWithRLS
hasRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO Bool
data TableWithRLS
makeCachedEnsureRLSEnabled :: (?modelContext :: ModelContext) => IO (Text -> IO TableWithRLS)
sqlQueryWithRLS :: (?modelContext :: ModelContext, ToRow parameters, ?context :: ControllerContext, userId ~ Id CurrentUserRecord, Show (PrimaryKey (GetTableName CurrentUserRecord)), HasNewSessionUrl CurrentUserRecord, Typeable CurrentUserRecord, ?context :: ControllerContext, HasField "id" CurrentUserRecord (Id' (GetTableName CurrentUserRecord)), ToField userId, FromRow result) => Query -> parameters -> IO [result]
sqlExecWithRLS :: (?modelContext :: ModelContext, ToRow parameters, ?context :: ControllerContext, userId ~ Id CurrentUserRecord, Show (PrimaryKey (GetTableName CurrentUserRecord)), HasNewSessionUrl CurrentUserRecord, Typeable CurrentUserRecord, ?context :: ControllerContext, HasField "id" CurrentUserRecord (Id' (GetTableName CurrentUserRecord)), ToField userId) => Query -> parameters -> IO Int64

Documentation

ensureRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO TableWithRLS Source #

Returns a proof that RLS is enabled for a table

hasRLSEnabled :: (?modelContext :: ModelContext) => Text -> IO Bool Source #

Returns True if row level security has been enabled on a table

RLS can be enabled with this SQL statement:

ALTER TABLE my_table ENABLE ROW LEVEL SECURITY;

After this hasRLSEnabled will return true:

>>> hasRLSEnabled "my_table"
True

data TableWithRLS Source #

Can be constructed using ensureRLSEnabled

tableWithRLS <- ensureRLSEnabled "my_table"

Useful to carry a proof that the RLS is actually enabled

Instances

Instances details

Eq TableWithRLS Source #
Instance details Defined in IHP.DataSync.RowLevelSecurity Methods (==) :: TableWithRLS -> TableWithRLS -> Bool # (/=) :: TableWithRLS -> TableWithRLS -> Bool #
Ord TableWithRLS Source #
Instance details Defined in IHP.DataSync.RowLevelSecurity Methods compare :: TableWithRLS -> TableWithRLS -> Ordering # (<) :: TableWithRLS -> TableWithRLS -> Bool # (<=) :: TableWithRLS -> TableWithRLS -> Bool # (>) :: TableWithRLS -> TableWithRLS -> Bool # (>=) :: TableWithRLS -> TableWithRLS -> Bool # max :: TableWithRLS -> TableWithRLS -> TableWithRLS # min :: TableWithRLS -> TableWithRLS -> TableWithRLS #

makeCachedEnsureRLSEnabled :: (?modelContext :: ModelContext) => IO (Text -> IO TableWithRLS) Source #

Returns a factory for ensureRLSEnabled that memoizes when a table has RLS enabled.

When a table doesn't have RLS enabled yet, the result is not memoized.

Example:

-- Setup
ensureRLSEnabled <- makeCachedEnsureRLSEnabled

ensureRLSEnabled "projects" -- Runs a database query to check if row level security is enabled for the projects table

-- Asuming 'ensureRLSEnabled "projects"' proceeded without errors:

ensureRLSEnabled "projects" -- Now this will instantly return True and don't fire any SQL queries anymore

sqlQueryWithRLS :: (?modelContext :: ModelContext, ToRow parameters, ?context :: ControllerContext, userId ~ Id CurrentUserRecord, Show (PrimaryKey (GetTableName CurrentUserRecord)), HasNewSessionUrl CurrentUserRecord, Typeable CurrentUserRecord, ?context :: ControllerContext, HasField "id" CurrentUserRecord (Id' (GetTableName CurrentUserRecord)), ToField userId, FromRow result) => Query -> parameters -> IO [result] Source #

sqlExecWithRLS :: (?modelContext :: ModelContext, ToRow parameters, ?context :: ControllerContext, userId ~ Id CurrentUserRecord, Show (PrimaryKey (GetTableName CurrentUserRecord)), HasNewSessionUrl CurrentUserRecord, Typeable CurrentUserRecord, ?context :: ControllerContext, HasField "id" CurrentUserRecord (Id' (GetTableName CurrentUserRecord)), ToField userId) => Query -> parameters -> IO Int64 Source #