use crate::schema_cache::SchemaCacheItem;
/// A database role together with the privilege flags this crate tracks.
///
/// Instances are produced by the `SchemaCacheItem::load` implementation
/// for this type, which maps rows from `src/queries/roles.sql` onto these
/// fields. That query file is not visible here, so the exact catalog
/// columns behind each field are an assumption to confirm against it.
///
/// The four flags are the ones that matter most when reasoning about what
/// a role is allowed to do: in PostgreSQL a superuser bypasses permission
/// checks and a `BYPASSRLS` role is not subject to row-level security
/// policies.
#[derive(Debug, Eq, PartialEq)]
pub struct Role {
    /// Role name; the tests look roles up by their `rolname` value.
    pub name: String,
    /// Set for a role created with the `superuser` attribute.
    pub is_super_user: bool,
    /// Set for a role created with the `createdb` attribute.
    pub can_create_db: bool,
    /// Set for a role created with the `login` attribute.
    pub can_login: bool,
    /// Set for a role created with the `bypassrls` attribute.
    pub can_bypass_rls: bool,
}
impl SchemaCacheItem for Role {
    type Item = Role;

    /// Fetches every row produced by `src/queries/roles.sql` as a [`Role`].
    ///
    /// The statement comes from a fixed file handed to `query_file_as!` and
    /// is invoked without bind arguments, so no caller-supplied text is
    /// spliced into the SQL.
    ///
    /// # Errors
    ///
    /// Returns the `sqlx::Error` reported by `fetch_all` when the query
    /// cannot be executed against `pool`.
    async fn load(pool: &sqlx::PgPool) -> Result<Vec<Self::Item>, sqlx::Error> {
        let loaded_roles = sqlx::query_file_as!(Role, "src/queries/roles.sql")
            .fetch_all(pool)
            .await?;

        Ok(loaded_roles)
    }
}
#[cfg(test)]
mod tests {
    use crate::SchemaCache;
    use pgt_test_utils::test_database::get_new_test_db;
    use sqlx::Executor;

    /// Creates three roles with different attribute sets and checks that
    /// the schema cache reports each flag exactly as the role was created.
    #[tokio::test]
    async fn loads_roles() {
        let test_db = get_new_test_db().await;

        // PostgreSQL roles belong to the whole cluster, not to one database,
        // so each `create role` is guarded by an existence check to keep the
        // setup repeatable.
        // NOTE(review): `test_super` is a login-capable superuser created
        // without a password and is never dropped here; point this test only
        // at a disposable test cluster.
        let create_roles_sql = r#"
do $$
begin
if not exists (
select from pg_catalog.pg_roles
where rolname = 'test_super'
) then
create role test_super superuser createdb login bypassrls;
end if;
if not exists (
select from pg_catalog.pg_roles
where rolname = 'test_nologin'
) then
create role test_nologin;
end if;
if not exists (
select from pg_catalog.pg_roles
where rolname = 'test_login'
) then
create role test_login login;
end if;
end $$;
"#;

        test_db
            .execute(create_roles_sql)
            .await
            .expect("Failed to setup test database");

        let cache = SchemaCache::load(&test_db)
            .await
            .expect("Failed to load Schema Cache");

        let roles = &cache.roles;
        // Panics when the named role is missing from the loaded cache.
        let role_named = |wanted: &str| roles.iter().find(|r| r.name == wanted).unwrap();

        // Every privilege flag must be set for the fully privileged role.
        let privileged = role_named("test_super");
        assert!(privileged.is_super_user);
        assert!(privileged.can_create_db);
        assert!(privileged.can_login);
        assert!(privileged.can_bypass_rls);

        // A role created with no attributes must report every flag as false.
        let bare = role_named("test_nologin");
        assert!(!bare.is_super_user);
        assert!(!bare.can_create_db);
        assert!(!bare.can_login);
        assert!(!bare.can_bypass_rls);

        // `login` alone must not imply any of the elevated privileges.
        let login_only = role_named("test_login");
        assert!(!login_only.is_super_user);
        assert!(!login_only.can_create_db);
        assert!(login_only.can_login);
        assert!(!login_only.can_bypass_rls);
    }
}