tursom/memgraph
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

[E129 < T0956] Filtering nodes in ScanAll cursor [Niko] (#492)

Browse Source 
* implemented scanall filtering

* minor code refactor

* FindNextNode -> FindNextVertex
This commit is contained in:
Boris Taševski 2022-08-04 19:20:17 +02:00 committed by GitHub
parent 480df4ed69
commit 116262d9a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 22 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/query/fine_grained_access_checker.hpp
View File

@ -19,6 +19,6 @@ namespace memgraph::query {
class FineGrainedAccessChecker { class FineGrainedAccessChecker {
public: public:
virtual bool IsUserAuthorizedLabels(const std::vector<memgraph::storage::LabelId> &label, virtual bool IsUserAuthorizedLabels(const std::vector<memgraph::storage::LabelId> &label,
memgraph::query::DbAccessor *dba) const = 0; const memgraph::query::DbAccessor *dba) const = 0;
}; };
} // namespace memgraph::query } // namespace memgraph::query

4
src/query/interpreter.cpp
View File

@ -266,10 +266,10 @@ class FineGrainedAccessChecker final : public memgraph::query::FineGrainedAccess
explicit FineGrainedAccessChecker(memgraph::auth::User *user) : user_{user} {} explicit FineGrainedAccessChecker(memgraph::auth::User *user) : user_{user} {}
bool IsUserAuthorizedLabels(const std::vector<memgraph::storage::LabelId> &labels, bool IsUserAuthorizedLabels(const std::vector<memgraph::storage::LabelId> &labels,
memgraph::query::DbAccessor *dba) const final { const memgraph::query::DbAccessor *dba) const final {
auto labelPermissions = user_->GetFineGrainedAccessPermissions(); auto labelPermissions = user_->GetFineGrainedAccessPermissions();
return std::any_of(labels.begin(), labels.end(), [&labelPermissions, &dba](const auto label) { return std::any_of(labels.begin(), labels.end(), [&labelPermissions, dba](const auto label) {
return labelPermissions.Has(dba->LabelToName(label)) == memgraph::auth::PermissionLevel::GRANT; return labelPermissions.Has(dba->LabelToName(label)) == memgraph::auth::PermissionLevel::GRANT;
}); });
} }

19
src/query/plan/operator.cpp
View File

@ -29,6 +29,7 @@
#include "query/context.hpp" #include "query/context.hpp"
#include "query/db_accessor.hpp" #include "query/db_accessor.hpp"
#include "query/exceptions.hpp" #include "query/exceptions.hpp"
#include "query/fine_grained_access_checker.hpp"
#include "query/frontend/ast/ast.hpp" #include "query/frontend/ast/ast.hpp"
#include "query/frontend/semantic/symbol_table.hpp" #include "query/frontend/semantic/symbol_table.hpp"
#include "query/interpret/eval.hpp" #include "query/interpret/eval.hpp"
@ -405,11 +406,29 @@ class ScanAllCursor : public Cursor {
vertices_it_.emplace(vertices_.value().begin()); vertices_it_.emplace(vertices_.value().begin());
} }
#ifdef MG_ENTERPRISE
if (context.fine_grained_access_checker && !FindNextVertex(context)) {
return false;
}
#endif
frame[output_symbol_] = *vertices_it_.value(); frame[output_symbol_] = *vertices_it_.value();
++vertices_it_.value(); ++vertices_it_.value();
return true; return true;
} }
bool FindNextVertex(const ExecutionContext &context) {
while (vertices_it_.value() != vertices_.value().end()) {
if (context.fine_grained_access_checker->IsUserAuthorizedLabels(
(*vertices_it_.value()).Labels(memgraph::storage::View::NEW).GetValue(), context.db_accessor)) {
return true;
}
++vertices_it_.value();
}
return false;
}
void Shutdown() override { input_cursor_->Shutdown(); } void Shutdown() override { input_cursor_->Shutdown(); }
void Reset() override { void Reset() override {