nbtprojects
diff --git a/‎README.md‎
Lines changed: 17 additions & 3 deletions b/‎README.md‎
Lines changed: 17 additions & 3 deletions
diff --git a/‎client/src/queries/QueryListDrawer.js‎
Lines changed: 1 addition & 4 deletions b/‎client/src/queries/QueryListDrawer.js‎
Lines changed: 1 addition & 4 deletions
diff --git a/‎client/src/queryEditor/toolbar/ToolbarShareQueryButton.js‎
Lines changed: 1 addition & 1 deletion b/‎client/src/queryEditor/toolbar/ToolbarShareQueryButton.js‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎client/src/stores/queries.js‎
Lines changed: 4 additions & 1 deletion b/‎client/src/stores/queries.js‎
Lines changed: 4 additions & 1 deletion
diff --git a/‎server/lib/decorateQueryUserAccess.js‎
Lines changed: 46 additions & 0 deletions b/‎server/lib/decorateQueryUserAccess.js‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎server/migrations/04-00110-query-acl-data.js‎
Lines changed: 1 addition & 3 deletions b/‎server/migrations/04-00110-query-acl-data.js‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎server/migrations/04-00120-query-acl-remove-old-constraint.js‎
Lines changed: 18 additions & 0 deletions b/‎server/migrations/04-00120-query-acl-remove-old-constraint.js‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎server/migrations/04-00121-query-acl-add-user-email.js‎
Lines changed: 18 additions & 0 deletions b/‎server/migrations/04-00121-query-acl-add-user-email.js‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎server/migrations/04-00122-query-acl-add-group-id.js‎
Lines changed: 18 additions & 0 deletions b/‎server/migrations/04-00122-query-acl-add-group-id.js‎
Lines changed: 18 additions & 0 deletions
diff --git a/‎server/migrations/04-00123-query-acl-remove-user-id-not-null.js‎
Lines changed: 20 additions & 0 deletions b/‎server/migrations/04-00123-query-acl-remove-user-id-not-null.js‎
Lines changed: 20 additions & 0 deletions
@@ -534,18 +534,32 @@ Queries are created or replaced matching on query id. At this time the query ACL
 
 At this point SQLPad does not enforce referential integrity, so queries may be created with a `createdBy` containing an email address for a user that does not exist.
 
-Example seed query JSON file:
+Example seed query JSON file (comments only added for doc purposes):
 
-```json
+```js
 {
   "id": "seed-query-1",
   "name": "Seed query 1",
   "connectionId": "seed-connection-1",
   "queryText": "SELECT * FROM seed_table",
   "createdBy": "[email protected]",
   "acl": [
+    // an ACL entry with write=false allows that user to read
+    // (and execute if they have connection permission)
+    // write=true allows user to save query
+    {
+      "userId": "some-userId-in-sqlpad",
+      "write": false
+    },
+    // ACL entry can also be specified with a users email address.
+    // The user does not need to exist in SQLPad at this point
+    {
+      "userEmail": "[email protected]",
+      "write": true
+    },
+    // Alternatively a special __EVERYONE__ group may be used to share the query with all SQLPad users
     {
-      "userId": "__EVERYONE__",
+      "groupId": "__EVERYONE__",
       "write": true
     }
   ]
 
@@ -137,9 +137,6 @@ function QueryListDrawer({
     const chartUrl = `/query-chart/${query._id}`;
     const queryUrl = `/queries/${query._id}`;
 
-    const canDelete =
-      currentUser.role === 'admin' || currentUser.email === query.createdBy;
-
     const hasChart =
       query && query.chartConfiguration && query.chartConfiguration.chartType;
 
@@ -181,7 +178,7 @@ function QueryListDrawer({
             key="del"
             confirmMessage={`Delete ${query.name}`}
             onConfirm={e => deleteQuery(query._id)}
-            disabled={!canDelete}
+            disabled={!query.canDelete}
           >
             Delete
           </DeleteConfirmButton>
 
@@ -20,7 +20,7 @@ function ToolbarShareQueryButton({ shared, setQueryState }) {
   function handleClick() {
     setQueryState(
       'acl',
-      shared ? [] : [{ userId: '__EVERYONE__', write: true }]
+      shared ? [] : [{ groupId: '__EVERYONE__', write: true }]
     );
   }
 
 
@@ -17,7 +17,10 @@ export const NEW_QUERY = {
   chartConfiguration: {
     chartType: '',
     fields: {} // key value for chart
-  }
+  },
+  canRead: true,
+  canWrite: true,
+  canDelete: true
 };
 
 export const initialState = {
 
@@ -0,0 +1,46 @@
+const consts = require('./consts');
+
+// Not sure where to put utilities like these
+
+/**
+ * Returns a decorated query object with canRead, canWrite, and canDelete properties
+ * @param {object} query
+ * @param {object} user
+ */
+function decorateQueryUserAccess(query, user) {
+  const { ...clone } = query;
+  clone.canRead = false;
+  clone.canWrite = false;
+  clone.canDelete = false;
+
+  if (user.role === 'admin' || user.email === clone.createdBy) {
+    clone.canRead = true;
+    clone.canWrite = true;
+    clone.canDelete = true;
+  } else if (clone.acl.length) {
+    const writeAcl = clone.acl
+      // filter acl records that match for this user
+      .filter(
+        acl =>
+          acl.groupId === consts.EVERYONE_ID ||
+          acl.userId === user._id ||
+          acl.userEmail === user.email
+      )
+      // and return first one that has write
+      .find(a => a.write === true);
+    clone.canWrite = Boolean(writeAcl);
+
+    // A record in ACL allows read permissions
+    const canRead = query.acl.find(
+      acl =>
+        acl.groupId === consts.EVERYONE_ID ||
+        acl.userId === user._id ||
+        acl.userEmail === user.email
+    );
+    clone.canRead = Boolean(canRead);
+  }
+
+  return clone;
+}
+
+module.exports = decorateQueryUserAccess;
@@ -1,5 +1,3 @@
-const consts = require('../lib/consts');
-
 /**
  * @param {import('sequelize').QueryInterface} queryInterface
  * @param {import('../lib/config')} config
@@ -14,7 +12,7 @@ async function up(queryInterface, config, appLog, nedb) {
     const records = queries.map(query => {
       return {
         query_id: query._id,
-        user_id: consts.EVERYONE_ID,
+        user_id: '__EVERYONE__', // value in consts.EVERYONE_ID at time of migration
         write: true,
         created_at: new Date(),
         updated_at: new Date()
 
@@ -0,0 +1,18 @@
+/**
+ * @param {import('sequelize').QueryInterface} queryInterface
+ * @param {import('../lib/config')} config
+ * @param {import('../lib/logger')} appLog
+ * @param {object} nedb - collection of nedb objects created in /lib/db.js
+ */
+// eslint-disable-next-line no-unused-vars
+async function up(queryInterface, config, appLog, nedb) {
+  // Remove unique constraint on query_id_user_id (it'll be added again switched around later)
+  await queryInterface.removeConstraint(
+    'query_acl',
+    'query_acl_query_id_user_id_key'
+  );
+}
+
+module.exports = {
+  up
+};
@@ -0,0 +1,18 @@
+const Sequelize = require('sequelize');
+
+/**
+ * @param {import('sequelize').QueryInterface} queryInterface
+ * @param {import('../lib/config')} config
+ * @param {import('../lib/logger')} appLog
+ * @param {object} nedb - collection of nedb objects created in /lib/db.js
+ */
+// eslint-disable-next-line no-unused-vars
+async function up(queryInterface, config, appLog, nedb) {
+  await queryInterface.addColumn('query_acl', 'user_email', {
+    type: Sequelize.STRING
+  });
+}
+
+module.exports = {
+  up
+};
@@ -0,0 +1,18 @@
+const Sequelize = require('sequelize');
+
+/**
+ * @param {import('sequelize').QueryInterface} queryInterface
+ * @param {import('../lib/config')} config
+ * @param {import('../lib/logger')} appLog
+ * @param {object} nedb - collection of nedb objects created in /lib/db.js
+ */
+// eslint-disable-next-line no-unused-vars
+async function up(queryInterface, config, appLog, nedb) {
+  await queryInterface.addColumn('query_acl', 'group_id', {
+    type: Sequelize.STRING
+  });
+}
+
+module.exports = {
+  up
+};
@@ -0,0 +1,20 @@
+const Sequelize = require('sequelize');
+
+/**
+ * @param {import('sequelize').QueryInterface} queryInterface
+ * @param {import('../lib/config')} config
+ * @param {import('../lib/logger')} appLog
+ * @param {object} nedb - collection of nedb objects created in /lib/db.js
+ */
+// eslint-disable-next-line no-unused-vars
+async function up(queryInterface, config, appLog, nedb) {
+  // remove not-null constraint for user_id
+  await queryInterface.changeColumn('query_acl', 'user_id', {
+    type: Sequelize.STRING,
+    allowNull: true
+  });
+}
+
+module.exports = {
+  up
+};
Original file line number	Diff line number	Diff line change
`@@ -20,7 +20,7 @@ function ToolbarShareQueryButton({ shared, setQueryState }) {`
`20`	`20`	`function handleClick() {`
`21`	`21`	`setQueryState(`
`22`	`22`	`'acl',`
`23`		`- shared ? [] : [{ userId: '__EVERYONE__', write: true }]`
	`23`	`+ shared ? [] : [{ groupId: '__EVERYONE__', write: true }]`
`24`	`24`	`);`
`25`	`25`	`}`
`26`	`26`