module Hasura.RemoteSchema.MetadataAPI.Permission
  ( AddRemoteSchemaPermission (..),
    DropRemoteSchemaPermissions (..),
    runDropRemoteSchemaPermissions,
    runAddRemoteSchemaPermissions,
  )
where

import Control.Lens ((^.))
import Data.Aeson qualified as J
import Data.HashMap.Strict qualified as HashMap
import Data.Text.Extended
import Hasura.Base.Error
import Hasura.EncJSON
import Hasura.Prelude
import Hasura.RQL.Types.Common
import Hasura.RQL.Types.Metadata
import Hasura.RQL.Types.Metadata.Object
import Hasura.RQL.Types.Roles (RoleName)
import Hasura.RQL.Types.Schema.Options qualified as Options
import Hasura.RQL.Types.SchemaCache
import Hasura.RQL.Types.SchemaCache.Build
import Hasura.RemoteSchema.Metadata
import Hasura.RemoteSchema.SchemaCache.Permission

data AddRemoteSchemaPermission = AddRemoteSchemaPermission
  { AddRemoteSchemaPermission -> RemoteSchemaName
_arspRemoteSchema :: RemoteSchemaName,
    AddRemoteSchemaPermission -> RoleName
_arspRole :: RoleName,
    AddRemoteSchemaPermission -> RemoteSchemaPermissionDefinition
_arspDefinition :: RemoteSchemaPermissionDefinition,
    AddRemoteSchemaPermission -> Maybe Text
_arspComment :: Maybe Text
  }
  deriving (Int -> AddRemoteSchemaPermission -> ShowS
[AddRemoteSchemaPermission] -> ShowS
AddRemoteSchemaPermission -> String
(Int -> AddRemoteSchemaPermission -> ShowS)
-> (AddRemoteSchemaPermission -> String)
-> ([AddRemoteSchemaPermission] -> ShowS)
-> Show AddRemoteSchemaPermission
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> AddRemoteSchemaPermission -> ShowS
showsPrec :: Int -> AddRemoteSchemaPermission -> ShowS
$cshow :: AddRemoteSchemaPermission -> String
show :: AddRemoteSchemaPermission -> String
$cshowList :: [AddRemoteSchemaPermission] -> ShowS
showList :: [AddRemoteSchemaPermission] -> ShowS
Show, AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool
(AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool)
-> (AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool)
-> Eq AddRemoteSchemaPermission
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool
== :: AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool
$c/= :: AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool
/= :: AddRemoteSchemaPermission -> AddRemoteSchemaPermission -> Bool
Eq, (forall x.
 AddRemoteSchemaPermission -> Rep AddRemoteSchemaPermission x)
-> (forall x.
    Rep AddRemoteSchemaPermission x -> AddRemoteSchemaPermission)
-> Generic AddRemoteSchemaPermission
forall x.
Rep AddRemoteSchemaPermission x -> AddRemoteSchemaPermission
forall x.
AddRemoteSchemaPermission -> Rep AddRemoteSchemaPermission x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cfrom :: forall x.
AddRemoteSchemaPermission -> Rep AddRemoteSchemaPermission x
from :: forall x.
AddRemoteSchemaPermission -> Rep AddRemoteSchemaPermission x
$cto :: forall x.
Rep AddRemoteSchemaPermission x -> AddRemoteSchemaPermission
to :: forall x.
Rep AddRemoteSchemaPermission x -> AddRemoteSchemaPermission
Generic)

instance NFData AddRemoteSchemaPermission

instance J.FromJSON AddRemoteSchemaPermission where
  parseJSON :: Value -> Parser AddRemoteSchemaPermission
parseJSON = Options -> Value -> Parser AddRemoteSchemaPermission
forall a.
(Generic a, GFromJSON Zero (Rep a)) =>
Options -> Value -> Parser a
J.genericParseJSON Options
hasuraJSON

instance J.ToJSON AddRemoteSchemaPermission where
  toJSON :: AddRemoteSchemaPermission -> Value
toJSON = Options -> AddRemoteSchemaPermission -> Value
forall a.
(Generic a, GToJSON' Value Zero (Rep a)) =>
Options -> a -> Value
J.genericToJSON Options
hasuraJSON
  toEncoding :: AddRemoteSchemaPermission -> Encoding
toEncoding = Options -> AddRemoteSchemaPermission -> Encoding
forall a.
(Generic a, GToJSON' Encoding Zero (Rep a)) =>
Options -> a -> Encoding
J.genericToEncoding Options
hasuraJSON

data DropRemoteSchemaPermissions = DropRemoteSchemaPermissions
  { DropRemoteSchemaPermissions -> RemoteSchemaName
_drspRemoteSchema :: RemoteSchemaName,
    DropRemoteSchemaPermissions -> RoleName
_drspRole :: RoleName
  }
  deriving (Int -> DropRemoteSchemaPermissions -> ShowS
[DropRemoteSchemaPermissions] -> ShowS
DropRemoteSchemaPermissions -> String
(Int -> DropRemoteSchemaPermissions -> ShowS)
-> (DropRemoteSchemaPermissions -> String)
-> ([DropRemoteSchemaPermissions] -> ShowS)
-> Show DropRemoteSchemaPermissions
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> DropRemoteSchemaPermissions -> ShowS
showsPrec :: Int -> DropRemoteSchemaPermissions -> ShowS
$cshow :: DropRemoteSchemaPermissions -> String
show :: DropRemoteSchemaPermissions -> String
$cshowList :: [DropRemoteSchemaPermissions] -> ShowS
showList :: [DropRemoteSchemaPermissions] -> ShowS
Show, DropRemoteSchemaPermissions -> DropRemoteSchemaPermissions -> Bool
(DropRemoteSchemaPermissions
 -> DropRemoteSchemaPermissions -> Bool)
-> (DropRemoteSchemaPermissions
    -> DropRemoteSchemaPermissions -> Bool)
-> Eq DropRemoteSchemaPermissions
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
$c== :: DropRemoteSchemaPermissions -> DropRemoteSchemaPermissions -> Bool
== :: DropRemoteSchemaPermissions -> DropRemoteSchemaPermissions -> Bool
$c/= :: DropRemoteSchemaPermissions -> DropRemoteSchemaPermissions -> Bool
/= :: DropRemoteSchemaPermissions -> DropRemoteSchemaPermissions -> Bool
Eq, (forall x.
 DropRemoteSchemaPermissions -> Rep DropRemoteSchemaPermissions x)
-> (forall x.
    Rep DropRemoteSchemaPermissions x -> DropRemoteSchemaPermissions)
-> Generic DropRemoteSchemaPermissions
forall x.
Rep DropRemoteSchemaPermissions x -> DropRemoteSchemaPermissions
forall x.
DropRemoteSchemaPermissions -> Rep DropRemoteSchemaPermissions x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cfrom :: forall x.
DropRemoteSchemaPermissions -> Rep DropRemoteSchemaPermissions x
from :: forall x.
DropRemoteSchemaPermissions -> Rep DropRemoteSchemaPermissions x
$cto :: forall x.
Rep DropRemoteSchemaPermissions x -> DropRemoteSchemaPermissions
to :: forall x.
Rep DropRemoteSchemaPermissions x -> DropRemoteSchemaPermissions
Generic)

instance NFData DropRemoteSchemaPermissions

instance J.FromJSON DropRemoteSchemaPermissions where
  parseJSON :: Value -> Parser DropRemoteSchemaPermissions
parseJSON = Options -> Value -> Parser DropRemoteSchemaPermissions
forall a.
(Generic a, GFromJSON Zero (Rep a)) =>
Options -> Value -> Parser a
J.genericParseJSON Options
hasuraJSON

instance J.ToJSON DropRemoteSchemaPermissions where
  toJSON :: DropRemoteSchemaPermissions -> Value
toJSON = Options -> DropRemoteSchemaPermissions -> Value
forall a.
(Generic a, GToJSON' Value Zero (Rep a)) =>
Options -> a -> Value
J.genericToJSON Options
hasuraJSON
  toEncoding :: DropRemoteSchemaPermissions -> Encoding
toEncoding = Options -> DropRemoteSchemaPermissions -> Encoding
forall a.
(Generic a, GToJSON' Encoding Zero (Rep a)) =>
Options -> a -> Encoding
J.genericToEncoding Options
hasuraJSON

runAddRemoteSchemaPermissions ::
  ( QErrM m,
    CacheRWM m,
    MetadataM m
  ) =>
  Options.RemoteSchemaPermissions ->
  AddRemoteSchemaPermission ->
  m EncJSON
runAddRemoteSchemaPermissions :: forall (m :: * -> *).
(QErrM m, CacheRWM m, MetadataM m) =>
RemoteSchemaPermissions -> AddRemoteSchemaPermission -> m EncJSON
runAddRemoteSchemaPermissions RemoteSchemaPermissions
remoteSchemaPermsCtx AddRemoteSchemaPermission
q = do
  Metadata
metadata <- m Metadata
forall (m :: * -> *). MetadataM m => m Metadata
getMetadata
  Bool -> m () -> m ()
forall (f :: * -> *). Applicative f => Bool -> f () -> f ()
unless (RemoteSchemaPermissions
remoteSchemaPermsCtx RemoteSchemaPermissions -> RemoteSchemaPermissions -> Bool
forall a. Eq a => a -> a -> Bool
== RemoteSchemaPermissions
Options.EnableRemoteSchemaPermissions) (m () -> m ()) -> m () -> m ()
forall a b. (a -> b) -> a -> b
$ do
    Code -> Text -> m ()
forall (m :: * -> *) a. QErrM m => Code -> Text -> m a
throw400 Code
ConstraintViolation
      (Text -> m ()) -> Text -> m ()
forall a b. (a -> b) -> a -> b
$ Text
"remote schema permissions can only be added when "
      Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> Text
"remote schema permissions are enabled in the graphql-engine"
  RemoteSchemaMap
remoteSchemaMap <- SchemaCache -> RemoteSchemaMap
scRemoteSchemas (SchemaCache -> RemoteSchemaMap)
-> m SchemaCache -> m RemoteSchemaMap
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> m SchemaCache
forall (m :: * -> *). CacheRM m => m SchemaCache
askSchemaCache
  RemoteSchemaCtx
remoteSchemaCtx <-
    Maybe RemoteSchemaCtx -> m RemoteSchemaCtx -> m RemoteSchemaCtx
forall (m :: * -> *) a. Applicative m => Maybe a -> m a -> m a
onNothing (RemoteSchemaName -> RemoteSchemaMap -> Maybe RemoteSchemaCtx
forall k v. (Eq k, Hashable k) => k -> HashMap k v -> Maybe v
HashMap.lookup RemoteSchemaName
name RemoteSchemaMap
remoteSchemaMap)
      (m RemoteSchemaCtx -> m RemoteSchemaCtx)
-> m RemoteSchemaCtx -> m RemoteSchemaCtx
forall a b. (a -> b) -> a -> b
$ Code -> Text -> m RemoteSchemaCtx
forall (m :: * -> *) a. QErrM m => Code -> Text -> m a
throw400 Code
NotExists
      (Text -> m RemoteSchemaCtx) -> Text -> m RemoteSchemaCtx
forall a b. (a -> b) -> a -> b
$ Text
"remote schema "
      Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RemoteSchemaName
name
      RemoteSchemaName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" doesn't exist"
  Bool -> m () -> m ()
forall (f :: * -> *). Applicative f => Bool -> f () -> f ()
when (Metadata -> RemoteSchemaName -> RoleName -> Bool
doesRemoteSchemaPermissionExist Metadata
metadata RemoteSchemaName
name RoleName
role)
    (m () -> m ()) -> m () -> m ()
forall a b. (a -> b) -> a -> b
$ Code -> Text -> m ()
forall (m :: * -> *) a. QErrM m => Code -> Text -> m a
throw400 Code
AlreadyExists
    (Text -> m ()) -> Text -> m ()
forall a b. (a -> b) -> a -> b
$ Text
"permissions for role: "
    Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RoleName
role
    RoleName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" for remote schema:"
    Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RemoteSchemaName
name
    RemoteSchemaName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" already exists"
  m (IntrospectionResult, SchemaDependency) -> m ()
forall (f :: * -> *) a. Functor f => f a -> f ()
void (m (IntrospectionResult, SchemaDependency) -> m ())
-> m (IntrospectionResult, SchemaDependency) -> m ()
forall a b. (a -> b) -> a -> b
$ RoleName
-> RemoteSchemaName
-> IntrospectionResult
-> SchemaDocument
-> m (IntrospectionResult, SchemaDependency)
forall (m :: * -> *).
MonadError QErr m =>
RoleName
-> RemoteSchemaName
-> IntrospectionResult
-> SchemaDocument
-> m (IntrospectionResult, SchemaDependency)
resolveRoleBasedRemoteSchema RoleName
role RemoteSchemaName
name (RemoteSchemaCtx -> IntrospectionResult
forall remoteFieldInfo.
RemoteSchemaCtxG remoteFieldInfo -> IntrospectionResult
_rscIntroOriginal RemoteSchemaCtx
remoteSchemaCtx) SchemaDocument
providedSchemaDoc
  MetadataObjId -> MetadataModifier -> m ()
forall (m :: * -> *).
(QErrM m, CacheRWM m, MetadataM m) =>
MetadataObjId -> MetadataModifier -> m ()
buildSchemaCacheFor (RemoteSchemaName -> RoleName -> MetadataObjId
MORemoteSchemaPermissions RemoteSchemaName
name RoleName
role)
    (MetadataModifier -> m ()) -> MetadataModifier -> m ()
forall a b. (a -> b) -> a -> b
$ (Metadata -> Metadata) -> MetadataModifier
MetadataModifier
    ((Metadata -> Metadata) -> MetadataModifier)
-> (Metadata -> Metadata) -> MetadataModifier
forall a b. (a -> b) -> a -> b
$ (RemoteSchemas -> Identity RemoteSchemas)
-> Metadata -> Identity Metadata
Lens' Metadata RemoteSchemas
metaRemoteSchemas
    ((RemoteSchemas -> Identity RemoteSchemas)
 -> Metadata -> Identity Metadata)
-> (([RemoteSchemaPermissionMetadata]
     -> Identity [RemoteSchemaPermissionMetadata])
    -> RemoteSchemas -> Identity RemoteSchemas)
-> ([RemoteSchemaPermissionMetadata]
    -> Identity [RemoteSchemaPermissionMetadata])
-> Metadata
-> Identity Metadata
forall b c a. (b -> c) -> (a -> b) -> a -> c
. Index RemoteSchemas
-> Traversal' RemoteSchemas (IxValue RemoteSchemas)
forall m. Ixed m => Index m -> Traversal' m (IxValue m)
ix Index RemoteSchemas
RemoteSchemaName
name
    ((RemoteSchemaMetadataG RemoteRelationshipDefinition
  -> Identity (RemoteSchemaMetadataG RemoteRelationshipDefinition))
 -> RemoteSchemas -> Identity RemoteSchemas)
-> (([RemoteSchemaPermissionMetadata]
     -> Identity [RemoteSchemaPermissionMetadata])
    -> RemoteSchemaMetadataG RemoteRelationshipDefinition
    -> Identity (RemoteSchemaMetadataG RemoteRelationshipDefinition))
-> ([RemoteSchemaPermissionMetadata]
    -> Identity [RemoteSchemaPermissionMetadata])
-> RemoteSchemas
-> Identity RemoteSchemas
forall b c a. (b -> c) -> (a -> b) -> a -> c
. ([RemoteSchemaPermissionMetadata]
 -> Identity [RemoteSchemaPermissionMetadata])
-> RemoteSchemaMetadataG RemoteRelationshipDefinition
-> Identity (RemoteSchemaMetadataG RemoteRelationshipDefinition)
forall r (f :: * -> *).
Functor f =>
([RemoteSchemaPermissionMetadata]
 -> f [RemoteSchemaPermissionMetadata])
-> RemoteSchemaMetadataG r -> f (RemoteSchemaMetadataG r)
rsmPermissions
    (([RemoteSchemaPermissionMetadata]
  -> Identity [RemoteSchemaPermissionMetadata])
 -> Metadata -> Identity Metadata)
-> ([RemoteSchemaPermissionMetadata]
    -> [RemoteSchemaPermissionMetadata])
-> Metadata
-> Metadata
forall s t a b. ASetter s t a b -> (a -> b) -> s -> t
%~ (:) RemoteSchemaPermissionMetadata
remoteSchemaPermMeta
  EncJSON -> m EncJSON
forall a. a -> m a
forall (f :: * -> *) a. Applicative f => a -> f a
pure EncJSON
successMsg
  where
    AddRemoteSchemaPermission RemoteSchemaName
name RoleName
role RemoteSchemaPermissionDefinition
defn Maybe Text
comment = AddRemoteSchemaPermission
q

    remoteSchemaPermMeta :: RemoteSchemaPermissionMetadata
remoteSchemaPermMeta = RoleName
-> RemoteSchemaPermissionDefinition
-> Maybe Text
-> RemoteSchemaPermissionMetadata
RemoteSchemaPermissionMetadata RoleName
role RemoteSchemaPermissionDefinition
defn Maybe Text
comment

    providedSchemaDoc :: SchemaDocument
providedSchemaDoc = RemoteSchemaPermissionDefinition -> SchemaDocument
_rspdSchema RemoteSchemaPermissionDefinition
defn

doesRemoteSchemaPermissionExist :: Metadata -> RemoteSchemaName -> RoleName -> Bool
doesRemoteSchemaPermissionExist :: Metadata -> RemoteSchemaName -> RoleName -> Bool
doesRemoteSchemaPermissionExist Metadata
metadata RemoteSchemaName
remoteSchemaName RoleName
roleName =
  (RemoteSchemaPermissionMetadata -> Bool)
-> [RemoteSchemaPermissionMetadata] -> Bool
forall (t :: * -> *) a. Foldable t => (a -> Bool) -> t a -> Bool
any ((RoleName -> RoleName -> Bool
forall a. Eq a => a -> a -> Bool
== RoleName
roleName) (RoleName -> Bool)
-> (RemoteSchemaPermissionMetadata -> RoleName)
-> RemoteSchemaPermissionMetadata
-> Bool
forall b c a. (b -> c) -> (a -> b) -> a -> c
. RemoteSchemaPermissionMetadata -> RoleName
_rspmRole) ([RemoteSchemaPermissionMetadata] -> Bool)
-> [RemoteSchemaPermissionMetadata] -> Bool
forall a b. (a -> b) -> a -> b
$ Metadata
metadata Metadata
-> Getting
     [RemoteSchemaPermissionMetadata]
     Metadata
     [RemoteSchemaPermissionMetadata]
-> [RemoteSchemaPermissionMetadata]
forall s a. s -> Getting a s a -> a
^. ((RemoteSchemas
 -> Const [RemoteSchemaPermissionMetadata] RemoteSchemas)
-> Metadata -> Const [RemoteSchemaPermissionMetadata] Metadata
Lens' Metadata RemoteSchemas
metaRemoteSchemas ((RemoteSchemas
  -> Const [RemoteSchemaPermissionMetadata] RemoteSchemas)
 -> Metadata -> Const [RemoteSchemaPermissionMetadata] Metadata)
-> (([RemoteSchemaPermissionMetadata]
     -> Const
          [RemoteSchemaPermissionMetadata] [RemoteSchemaPermissionMetadata])
    -> RemoteSchemas
    -> Const [RemoteSchemaPermissionMetadata] RemoteSchemas)
-> Getting
     [RemoteSchemaPermissionMetadata]
     Metadata
     [RemoteSchemaPermissionMetadata]
forall b c a. (b -> c) -> (a -> b) -> a -> c
. Index RemoteSchemas
-> Traversal' RemoteSchemas (IxValue RemoteSchemas)
forall m. Ixed m => Index m -> Traversal' m (IxValue m)
ix Index RemoteSchemas
RemoteSchemaName
remoteSchemaName ((RemoteSchemaMetadataG RemoteRelationshipDefinition
  -> Const
       [RemoteSchemaPermissionMetadata]
       (RemoteSchemaMetadataG RemoteRelationshipDefinition))
 -> RemoteSchemas
 -> Const [RemoteSchemaPermissionMetadata] RemoteSchemas)
-> (([RemoteSchemaPermissionMetadata]
     -> Const
          [RemoteSchemaPermissionMetadata] [RemoteSchemaPermissionMetadata])
    -> RemoteSchemaMetadataG RemoteRelationshipDefinition
    -> Const
         [RemoteSchemaPermissionMetadata]
         (RemoteSchemaMetadataG RemoteRelationshipDefinition))
-> ([RemoteSchemaPermissionMetadata]
    -> Const
         [RemoteSchemaPermissionMetadata] [RemoteSchemaPermissionMetadata])
-> RemoteSchemas
-> Const [RemoteSchemaPermissionMetadata] RemoteSchemas
forall b c a. (b -> c) -> (a -> b) -> a -> c
. ([RemoteSchemaPermissionMetadata]
 -> Const
      [RemoteSchemaPermissionMetadata] [RemoteSchemaPermissionMetadata])
-> RemoteSchemaMetadataG RemoteRelationshipDefinition
-> Const
     [RemoteSchemaPermissionMetadata]
     (RemoteSchemaMetadataG RemoteRelationshipDefinition)
forall r (f :: * -> *).
Functor f =>
([RemoteSchemaPermissionMetadata]
 -> f [RemoteSchemaPermissionMetadata])
-> RemoteSchemaMetadataG r -> f (RemoteSchemaMetadataG r)
rsmPermissions)

runDropRemoteSchemaPermissions ::
  ( QErrM m,
    CacheRWM m,
    MetadataM m
  ) =>
  DropRemoteSchemaPermissions ->
  m EncJSON
runDropRemoteSchemaPermissions :: forall (m :: * -> *).
(QErrM m, CacheRWM m, MetadataM m) =>
DropRemoteSchemaPermissions -> m EncJSON
runDropRemoteSchemaPermissions (DropRemoteSchemaPermissions RemoteSchemaName
name RoleName
roleName) = do
  Metadata
metadata <- m Metadata
forall (m :: * -> *). MetadataM m => m Metadata
getMetadata
  RemoteSchemaMap
remoteSchemaMap <- SchemaCache -> RemoteSchemaMap
scRemoteSchemas (SchemaCache -> RemoteSchemaMap)
-> m SchemaCache -> m RemoteSchemaMap
forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
<$> m SchemaCache
forall (m :: * -> *). CacheRM m => m SchemaCache
askSchemaCache
  m RemoteSchemaCtx -> m ()
forall (f :: * -> *) a. Functor f => f a -> f ()
void
    (m RemoteSchemaCtx -> m ()) -> m RemoteSchemaCtx -> m ()
forall a b. (a -> b) -> a -> b
$ Maybe RemoteSchemaCtx -> m RemoteSchemaCtx -> m RemoteSchemaCtx
forall (m :: * -> *) a. Applicative m => Maybe a -> m a -> m a
onNothing (RemoteSchemaName -> RemoteSchemaMap -> Maybe RemoteSchemaCtx
forall k v. (Eq k, Hashable k) => k -> HashMap k v -> Maybe v
HashMap.lookup RemoteSchemaName
name RemoteSchemaMap
remoteSchemaMap)
    (m RemoteSchemaCtx -> m RemoteSchemaCtx)
-> m RemoteSchemaCtx -> m RemoteSchemaCtx
forall a b. (a -> b) -> a -> b
$ Code -> Text -> m RemoteSchemaCtx
forall (m :: * -> *) a. QErrM m => Code -> Text -> m a
throw400 Code
NotExists
    (Text -> m RemoteSchemaCtx) -> Text -> m RemoteSchemaCtx
forall a b. (a -> b) -> a -> b
$ Text
"remote schema "
    Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RemoteSchemaName
name
    RemoteSchemaName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" doesn't exist"
  Bool -> m () -> m ()
forall (f :: * -> *). Applicative f => Bool -> f () -> f ()
unless (Metadata -> RemoteSchemaName -> RoleName -> Bool
doesRemoteSchemaPermissionExist Metadata
metadata RemoteSchemaName
name RoleName
roleName)
    (m () -> m ()) -> m () -> m ()
forall a b. (a -> b) -> a -> b
$ Code -> Text -> m ()
forall (m :: * -> *) a. QErrM m => Code -> Text -> m a
throw400 Code
NotExists
    (Text -> m ()) -> Text -> m ()
forall a b. (a -> b) -> a -> b
$ Text
"permissions for role: "
    Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RoleName
roleName
    RoleName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" for remote schema:"
    Text -> Text -> Text
forall a. Semigroup a => a -> a -> a
<> RemoteSchemaName
name
    RemoteSchemaName -> Text -> Text
forall t. ToTxt t => t -> Text -> Text
<<> Text
" doesn't exist"
  MetadataObjId -> MetadataModifier -> m ()
forall (m :: * -> *).
(QErrM m, CacheRWM m, MetadataM m) =>
MetadataObjId -> MetadataModifier -> m ()
buildSchemaCacheFor (RemoteSchemaName -> RoleName -> MetadataObjId
MORemoteSchemaPermissions RemoteSchemaName
name RoleName
roleName)
    (MetadataModifier -> m ()) -> MetadataModifier -> m ()
forall a b. (a -> b) -> a -> b
$ RemoteSchemaName -> RoleName -> MetadataModifier
dropRemoteSchemaPermissionInMetadata RemoteSchemaName
name RoleName
roleName
  EncJSON -> m EncJSON
forall a. a -> m a
forall (f :: * -> *) a. Applicative f => a -> f a
pure EncJSON
successMsg