merge

src/query/interpreter.cpp

@@ -261,7 +261,7 @@ class ReplQueryHandler final : public query::ReplicationQueryHandler {
 
 class LabelChecker final : public memgraph::query::LabelChecker {
  public:
-  explicit LabelChecker(memgraph::auth::User *user, memgraph::query::DbAccessor *dba) : user_{user}, dba_(dba) {}
+  explicit LabelChecker(memgraph::auth::User *user) : user_{user} {}
 
   bool IsUserAuthorized(const std::vector<memgraph::storage::LabelId> &labels) const final {
     return std::any_of(labels.begin(), labels.end(), [this](const auto label) {
@@ -271,7 +271,6 @@ class LabelChecker final : public memgraph::query::LabelChecker {
 
  private:
   memgraph::auth::User *user_;
-  memgraph::query::DbAccessor *dba_;
 };
 
 Callback HandleAuthQuery(AuthQuery *auth_query, AuthQueryHandler *auth, const Parameters &parameters,
@@ -954,11 +953,12 @@ PullPlan::PullPlan(const std::shared_ptr<CachedPlan> plan, const Parameters &par
   ctx_.evaluation_context.parameters = parameters;
   ctx_.evaluation_context.properties = NamesToProperties(plan->ast_storage().properties_, dba);
   ctx_.evaluation_context.labels = NamesToLabels(plan->ast_storage().labels_, dba);
+#ifdef MG_ENTERPRISE
   if (username.has_value()) {
     memgraph::auth::User *user = interpreter_context->auth->GetUser(*username);
-    ctx_.label_checker = new LabelChecker{user, dba};
+    ctx_.label_checker = new LabelChecker{user};
   }
-
+#endif
   if (interpreter_context->config.execution_timeout_sec > 0) {
     ctx_.timer = utils::AsyncTimer{interpreter_context->config.execution_timeout_sec};
   }

src/query/label_checker.hpp

@@ -18,6 +18,7 @@
 namespace memgraph::query {
 class LabelChecker {
  public:
-  virtual bool IsUserAuthorized(const std::vector<memgraph::storage::LabelId> &label) const = 0;
+  virtual bool IsUserAuthorized(const std::vector<memgraph::storage::LabelId> &label,
+                                memgraph::query::DbAccessor *dba) const = 0;
 };
 }  // namespace memgraph::query

src/query/plan/operator.cpp

@@ -32,6 +32,7 @@
 #include "query/frontend/ast/ast.hpp"
 #include "query/frontend/semantic/symbol_table.hpp"
 #include "query/interpret/eval.hpp"
+#include "query/label_checker.hpp"
 #include "query/path.hpp"
 #include "query/plan/scoped_profile.hpp"
 #include "query/procedure/cypher_types.hpp"
@@ -394,8 +395,8 @@ class ScanAllCursor : public Cursor {
 
     while (!vertices_ || vertices_it_.value() == vertices_.value().end()) {
       if (!input_cursor_->Pull(frame, context)) return false;
-      // We need a getter function, because in case of exhausting a lazy
-      // iterable, we cannot simply reset it by calling begin().
+      // We need a getter function, because in case of exhausting a lazy iterable,
+      //     we cannot simply reset it by calling begin().
       auto next_vertices = get_vertices_(frame, context);
       if (!next_vertices) continue;
       // Since vertices iterator isn't nothrow_move_assignable, we have to use
@@ -405,17 +406,27 @@ class ScanAllCursor : public Cursor {
       vertices_it_.emplace(vertices_.value().begin());
     }
 
+#ifdef MG_ENTERPRISE
+    FilterNodes(context.label_checker, context.db_accessor);
+    if (vertices_it_.value() == vertices_.value().end()) return false;
+#endif
+
+    frame[output_symbol_] = *vertices_it_.value();
+    ++vertices_it_.value();
+
+    return true;
+  }
+
+  void FilterNodes(const LabelChecker *label_checker, DbAccessor *dba) {
+    if (!label_checker) return;
     while (vertices_it_.value() != vertices_.value().end()) {
       VertexAccessor vertex = *vertices_it_.value();
       auto vertex_labels = vertex.Labels(memgraph::storage::View::NEW).GetValue();
-      if (!context.label_checker || context.label_checker->IsUserAuthorized(vertex_labels)) {
-        frame[output_symbol_] = *vertices_it_.value();
-        ++vertices_it_.value();
-        return true;
+      if (label_checker->IsUserAuthorized(vertex_labels, dba)) {
+        break;
       }
       ++vertices_it_.value();
     }
-    return false;
   }
 
   void Shutdown() override { input_cursor_->Shutdown(); }