minor refactor and rewrite opa policy for crystal library

DiamondLightSource · Feb 20, 2024 · 4e6c951 · 4e6c951
1 parent 1b0da8d
commit 4e6c951
Show file tree

Hide file tree

Showing 4 changed files with 25 additions and 26 deletions.
diff --git a/backend/crystal_library/src/entities/crystal_wells.rs b/backend/crystal_library/src/entities/crystal_wells.rs
@@ -11,8 +11,8 @@ use uuid::Uuid;
 #[graphql(name = "crystal_wells")]
 pub struct Model {
     #[sea_orm(primary_key, auto_increment = false)]
-    pub id: Uuid,
     pub plate_id: Uuid,
+    #[sea_orm(primary_key, auto_increment = false)]
     pub well_number: i16,
     pub operator_id: String,
     pub timestamp: DateTime<Utc>,

diff --git a/backend/crystal_library/src/graphql/crystal_wells_res.rs b/backend/crystal_library/src/graphql/crystal_wells_res.rs
@@ -2,7 +2,7 @@ use crate::entities::crystal_wells;
 use async_graphql::{Context, Object};
 use chrono::Utc;
 use opa_client::subject_authorization;
-use sea_orm::{ActiveValue, DatabaseConnection, EntityTrait};
+use sea_orm::{ActiveValue, ColumnTrait, DatabaseConnection, EntityTrait, QueryFilter};
 use the_paginator::graphql::{CursorInput, ModelConnection};
 use uuid::Uuid;
 
@@ -31,11 +31,16 @@ impl CrystalQuery {
     async fn crystal(
         &self,
         ctx: &Context<'_>,
-        id: Uuid,
+        plate_id: Uuid,
+        well_number: i16,
     ) -> async_graphql::Result<Option<crystal_wells::Model>> {
         subject_authorization!("xchemlab.crystal_library.read_crystal", ctx).await?;
         let db = ctx.data::<DatabaseConnection>()?;
-        Ok(crystal_wells::Entity::find_by_id(id).one(db).await?)
+        Ok(crystal_wells::Entity::find()
+            .filter(crystal_wells::Column::PlateId.eq(plate_id))
+            .filter(crystal_wells::Column::WellNumber.eq(well_number))
+            .one(db)
+            .await?)
     }
 }
 
@@ -51,7 +56,6 @@ impl CrystalMutation {
             subject_authorization!("xchemlab.crystal_library.write_crystal", ctx).await?;
         let db = ctx.data::<DatabaseConnection>()?;
         let crystal = crystal_wells::ActiveModel {
-            id: ActiveValue::Set(Uuid::now_v7()),
             plate_id: ActiveValue::Set(plate_id),
             well_number: ActiveValue::Set(well_number),
             operator_id: ActiveValue::Set(operator_id),

diff --git a/backend/crystal_library/src/main.rs b/backend/crystal_library/src/main.rs
@@ -42,12 +42,16 @@ struct SchemaArgs {
     path: Option<PathBuf>,
 }
 
-async fn setup_database() -> Result<DatabaseConnection, TransactionError<DbErr>> {
-    let db_url =
-        ConnectOptions::new("postgres://postgres:password@postgres/crystal_library".to_string());
-    let db = Database::connect(db_url).await?;
-    migrator::Migrator::up(&db, None).await?;
-    Ok(db)
+async fn setup_database(
+    mut database_url: Url,
+) -> Result<DatabaseConnection, TransactionError<DbErr>> {
+    if database_url.path().is_empty() {
+        database_url.set_path("crystal_library");
+    }
+    let connection_options = ConnectOptions::new(database_url.to_string());
+    let connection = Database::connect(connection_options).await?;
+    migrator::Migrator::up(&connection, None).await?;
+    Ok(connection)
 }
 
 fn setup_router(schema: RootSchema) -> Router {
@@ -66,8 +70,8 @@ fn setup_router(schema: RootSchema) -> Router {
         .route_service(SUBSCRIPTION_ENDPOINT, GraphQLSubscription::new(schema))
 }
 
-async fn serve(router: Router) {
-    let socket_addr: SocketAddr = SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::UNSPECIFIED, 82));
+async fn serve(router: Router, port: u16) {
+    let socket_addr: SocketAddr = SocketAddr::V4(SocketAddrV4::new(Ipv4Addr::UNSPECIFIED, port));
     println!("GraphiQL IDE: {}", socket_addr);
     Server::bind(&socket_addr)
         .serve(router.into_make_service())
@@ -86,15 +90,15 @@ async fn main() {
 
     match args {
         Cli::Serve(args) => {
-            let db = setup_database().await.unwrap();
+            let db = setup_database(args.database_url).await.unwrap();
             let opa_client = OPAClient::new(args.opa_url);
             let schema = root_schema_builder()
                 .data(db)
                 .data(opa_client)
                 .extension(Tracing)
                 .finish();
             let router = setup_router(schema);
-            serve(router).await;
+            serve(router, args.port).await;
         }
         Cli::Schema(args) => {
             let schema = root_schema_builder().finish();

diff --git a/policies/crystal_library.rego b/policies/crystal_library.rego
@@ -1,23 +1,14 @@
 package xchemlab.crystal_library
 
 import data.xchemlab
-import rego.v1
 
 default read_crystal = {"allowed" : false}
 default write_crystal = {"allowed" : false}
 
-read_crystal = response if {
+read_crystal = {"allowed": true, "subject": xchemlab.subject} {
     xchemlab.valid_token
-    response := {
-        "allowed": true,
-        "subject": xchemlab.subject,
-    }
 }
 
-write_crystal = response if {
+write_crystal = {"allowed" : true, "subject" : xchemlab.subject} {
     xchemlab.valid_token
-    response := {
-        "allowed" : true, 
-        "subject" : xchemlab.subject,
-    }
 }