mz_expr/scalar/func/impls/
mz_acl_item.rs

1// Copyright Materialize, Inc. and contributors. All rights reserved.
2//
3// Use of this software is governed by the Business Source License
4// included in the LICENSE file.
5//
6// As of the Change Date specified in that file, in accordance with
7// the Business Source License, use of this software will be governed
8// by the Apache License, Version 2.0.
9
10use std::str::FromStr;
11
12use mz_expr_derive::sqlfunc;
13use mz_ore::str::StrExt;
14use mz_repr::ArrayRustType;
15use mz_repr::adt::mz_acl_item::{AclItem, AclMode, MzAclItem};
16use mz_repr::adt::system::Oid;
17
18use crate::EvalError;
19
20#[sqlfunc(sqlname = "mz_aclitem_grantor")]
21fn mz_acl_item_grantor(mz_acl_item: MzAclItem) -> String {
22    mz_acl_item.grantor.to_string()
23}
24
25#[sqlfunc(sqlname = "aclitem_grantor")]
26fn acl_item_grantor(acl_item: AclItem) -> Oid {
27    acl_item.grantor
28}
29
30#[sqlfunc(sqlname = "mz_aclitem_grantee")]
31fn mz_acl_item_grantee(mz_acl_item: MzAclItem) -> String {
32    mz_acl_item.grantee.to_string()
33}
34
35#[sqlfunc(sqlname = "aclitem_grantee")]
36fn acl_item_grantee(acl_item: AclItem) -> Oid {
37    acl_item.grantee
38}
39
40#[sqlfunc(sqlname = "mz_aclitem_privileges")]
41fn mz_acl_item_privileges(mz_acl_item: MzAclItem) -> String {
42    mz_acl_item.acl_mode.to_string()
43}
44
45#[sqlfunc(sqlname = "aclitem_privileges")]
46fn acl_item_privileges(acl_item: AclItem) -> String {
47    acl_item.acl_mode.to_string()
48}
49
50#[sqlfunc(sqlname = "mz_format_privileges")]
51fn mz_format_privileges(privileges: String) -> Result<ArrayRustType<String>, EvalError> {
52    AclMode::from_str(&privileges)
53        .map(|acl_mode| {
54            ArrayRustType(
55                acl_mode
56                    .explode()
57                    .into_iter()
58                    .map(|privilege| privilege.to_string())
59                    .collect(),
60            )
61        })
62        .map_err(|e: anyhow::Error| EvalError::InvalidPrivileges(e.to_string().into()))
63}
64
65#[sqlfunc(sqlname = "mz_validate_privileges")]
66fn mz_validate_privileges(privileges: String) -> Result<bool, EvalError> {
67    AclMode::parse_multiple_privileges(&privileges)
68        .map(|_| true)
69        .map_err(|e: anyhow::Error| EvalError::InvalidPrivileges(e.to_string().into()))
70}
71
72#[sqlfunc(sqlname = "mz_validate_role_privilege")]
73fn mz_validate_role_privilege(privilege: String) -> Result<bool, EvalError> {
74    let privilege_upper = privilege.to_uppercase();
75    if privilege_upper != "MEMBER" && privilege_upper != "USAGE" {
76        Err(EvalError::InvalidPrivileges(
77            format!("{}", privilege.quoted()).into(),
78        ))
79    } else {
80        Ok(true)
81    }
82}