-
-
Notifications
You must be signed in to change notification settings - Fork 4
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(console): setting houdini session
- Loading branch information
Showing
18 changed files
with
655 additions
and
10 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
mutation CreatePolicy($data: policies_insert_input!) { | ||
insert_policies_one(object: $data) { | ||
id | ||
weight | ||
active | ||
validFrom | ||
validTo | ||
subjectId | ||
subjectType | ||
subjectDisplayName | ||
subjectSecondaryId | ||
createdBy | ||
createdAt | ||
updatedAt | ||
updatedBy | ||
organization | ||
rule { | ||
id | ||
displayName | ||
description | ||
tags | ||
annotations | ||
shared | ||
source | ||
sourcePort | ||
destination | ||
destinationPort | ||
protocol | ||
direction | ||
action | ||
appId | ||
throttleRate | ||
weight | ||
createdBy | ||
createdAt | ||
updatedAt | ||
updatedBy | ||
organization | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
mutation DeletePolicy($policyId: uuid!, $ruleId: uuid!, $deletedAt: timestamptz!) { | ||
update_policies_by_pk(pk_columns: { id: $policyId }, _set: { deletedAt: $deletedAt }) { | ||
id | ||
} | ||
update_rules( | ||
where: { shared: { _eq: false }, id: { _eq: $ruleId } } | ||
_set: { deletedAt: $deletedAt } | ||
) { | ||
affected_rows | ||
returning { | ||
id | ||
displayName | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,18 @@ | ||
mutation UpdatePolicy( | ||
$policyId: uuid! | ||
$policyData: policies_set_input! | ||
$ruleId: uuid! | ||
$ruleData: rules_set_input! | ||
$skipRuleUpdate: Boolean = false | ||
) { | ||
update_policies_by_pk(pk_columns: { id: $policyId }, _set: $policyData) { | ||
id | ||
subjectDisplayName | ||
updatedAt | ||
} | ||
update_rules_by_pk(pk_columns: { id: $ruleId }, _set: $ruleData) @skip(if: $skipRuleUpdate) { | ||
id | ||
displayName | ||
updatedAt | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,30 @@ | ||
query GetPolicy($id: uuid!) { | ||
policies_by_pk(id: $id) { | ||
weight | ||
active | ||
validFrom | ||
validTo | ||
subjectId | ||
subjectType | ||
subjectDisplayName | ||
subjectSecondaryId | ||
ruleId | ||
rule { | ||
displayName | ||
description | ||
tags | ||
annotations | ||
shared | ||
source | ||
sourcePort | ||
destination | ||
destinationPort | ||
protocol | ||
direction | ||
action | ||
appId | ||
throttleRate | ||
weight | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,45 @@ | ||
# query ListPolicies( | ||
# $limit: Int = 50 | ||
# $offset: Int = 0 | ||
# $orderBy: [policies_order_by!] = [{ updatedAt: desc_nulls_last }] | ||
# ) { | ||
# policies(order_by: $orderBy, limit: $limit, offset: $offset) { | ||
# ...Policy_list_fields @mask_disable | ||
# } | ||
# } | ||
query ListPolicies( | ||
$where: policies_bool_exp | ||
$limit: Int = 50 | ||
$offset: Int = 0 | ||
$orderBy: [policies_order_by!] = [{ updatedAt: desc_nulls_last }] | ||
) @cache(policy: NetworkOnly) { | ||
policies(where: $where, order_by: $orderBy, limit: $limit, offset: $offset) { | ||
id | ||
weight | ||
active | ||
validFrom | ||
validTo | ||
subjectId | ||
subjectType | ||
subjectDisplayName | ||
subjectSecondaryId | ||
updatedAt | ||
rule { | ||
id | ||
displayName | ||
description | ||
tags | ||
annotations | ||
shared | ||
source | ||
sourcePort | ||
destination | ||
destinationPort | ||
protocol | ||
direction | ||
action | ||
appId | ||
throttleRate | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,149 @@ | ||
import { z } from 'zod'; | ||
|
||
/** | ||
* Policy Schema | ||
*/ | ||
export const policySchema = z.object({ | ||
id: z.string().trim().uuid(), | ||
// validFrom: z.coerce.date(), | ||
// validFrom: z.string().datetime({ offset: true }).nullish().catch(null), | ||
// validTo: z.string().datetime({ offset: true }).nullish().catch(null), | ||
validFrom: z.date().nullish(), | ||
validTo: z.date().nullish(), | ||
weight: z.coerce.number().min(0).max(1000).optional().default(1000), | ||
subjectDisplayName: z.string().trim().min(1), | ||
subjectId: z.string().trim().min(1), | ||
subjectSecondaryId: z.string().trim().min(1), | ||
subjectType: z | ||
.enum(['user', 'group', 'device', 'service_account', 'device_pool']) | ||
.default('user'), | ||
active: z.boolean().optional().default(true), | ||
ruleId: z.string().trim().uuid(), | ||
rule: z.object({ | ||
id: z.string().trim().uuid(), | ||
displayName: z.string().trim().min(4).max(256), | ||
description: z.string().trim().max(256).nullish(), | ||
tags: z.string().trim().min(2).array().max(5).nullish(), | ||
// annotations: z.preprocess(stringToJSON, z.record(z.string().trim().min(3), z.string().trim().min(3)).nullish()), | ||
// annotations: z.preprocess(stringToMap, z.map(z.string().trim().min(3), z.string().trim().min(3))).nullish(), | ||
annotations: z.string().trim().nullish(), // TODO: validate map string | ||
source: z.string().ip().nullish(), | ||
sourcePort: z.string().trim().nullish(), | ||
destination: z.string().ip().nullish(), | ||
destinationPort: z.string().trim().nullish(), | ||
protocol: z | ||
.enum(['Any', 'IP', 'ICMP', 'IGMP', 'TCP', 'UDP', 'IPV6', 'ICMPV6', 'RM']) | ||
.default('Any'), | ||
action: z | ||
.enum(['permit', 'block', 'callout_inspection', 'callout_terminating', 'callout_unknown']) | ||
.default('block'), | ||
direction: z.enum(['egress', 'ingress']).default('egress'), | ||
appId: z.string().trim().nullish(), | ||
throttleRate: z.coerce.number().min(0).max(100).optional().default(80), | ||
weight: z.coerce.number().min(0).max(1000).optional().default(1000), | ||
shared: z.boolean().optional().default(false) | ||
}) | ||
}); | ||
|
||
export type PolicySchema = typeof policySchema; | ||
export type Policy = z.infer<typeof policySchema>; | ||
|
||
/** | ||
* Search Policy Schema | ||
*/ | ||
export const policySearchSchema = z.object({ | ||
limit: z.number().int().min(5).max(100).default(10), | ||
offset: z.number().int().min(0).default(0), | ||
// TODO use enum | ||
subjectType: z.enum(['user', 'group', 'device', 'service_account', 'device_pool']).optional(), | ||
subjectId: z.string().trim().uuid().optional(), | ||
subjectDisplayName: z.string().trim().optional() | ||
}); | ||
|
||
/** | ||
* Create Policy Schema | ||
*/ | ||
export const createPolicySchema = policySchema | ||
.omit({ | ||
id: true | ||
// rule: { | ||
// id: true | ||
// } | ||
}) | ||
.extend({ | ||
ruleId: policySchema.shape.ruleId.nullish(), | ||
// FIXME: omit for role.id=true not working | ||
rule: policySchema.shape.rule.extend({ | ||
id: policySchema.shape.rule.shape.id.optional() | ||
}) | ||
}) | ||
.superRefine((data, ctx) => checkValidDates(ctx, data.validFrom, data.validTo)) | ||
.superRefine((data, ctx) => checkForMissingRule(ctx, data.ruleId, data.rule)); | ||
|
||
export type CreatePolicySchema = typeof createPolicySchema; | ||
export type CreatePolicy = z.infer<typeof createPolicySchema>; | ||
export const createPolicyKeys = createPolicySchema.innerType().innerType().keyof().Enum; | ||
|
||
/** | ||
* Update Policy Schema | ||
*/ | ||
export const updatePolicySchema = policySchema | ||
.omit({ | ||
id: true | ||
// rule: { | ||
// id: true | ||
// } | ||
}) | ||
.extend({ | ||
// FIXME: omit for role.id=true not working | ||
rule: policySchema.shape.rule.extend({ | ||
id: policySchema.shape.rule.shape.id.optional() | ||
}), | ||
originalShared: policySchema.shape.rule.shape.shared | ||
}) | ||
.superRefine((data, ctx) => checkValidDates(ctx, data.validFrom, data.validTo)); | ||
|
||
export type UpdatePolicySchema = typeof updatePolicySchema; | ||
export type UpdatePolicy = z.infer<typeof updatePolicySchema>; | ||
export const updatePolicyKeys = updatePolicySchema.innerType().keyof().Enum; | ||
|
||
/** | ||
* Refine functions | ||
*/ | ||
|
||
function checkValidStringDates( | ||
ctx: z.RefinementCtx, | ||
validFrom: string | undefined | null, | ||
validTo: string | undefined | null | ||
) { | ||
if (validFrom && validTo && new Date(validTo) < new Date(validFrom)) { | ||
ctx.addIssue({ | ||
code: z.ZodIssueCode.custom, | ||
path: ['validTo'], | ||
message: 'validTo should be after validFrom' | ||
}); | ||
} | ||
} | ||
|
||
function checkValidDates( | ||
ctx: z.RefinementCtx, | ||
validFrom: Date | undefined | null, | ||
validTo: Date | undefined | null | ||
) { | ||
if (validFrom && validTo && validTo < validFrom) { | ||
ctx.addIssue({ | ||
code: z.ZodIssueCode.custom, | ||
path: ['validTo'], | ||
message: 'validTo should be after validFrom' | ||
}); | ||
} | ||
} | ||
function checkForMissingRule(ctx: z.RefinementCtx, ruleId: string | undefined | null, rule: any) { | ||
if (ruleId == null && rule == null) { | ||
ctx.addIssue({ | ||
code: z.ZodIssueCode.custom, | ||
path: ['ruleId'], | ||
message: 'Rule is required' | ||
}); | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.