fetchWithPostFilter is like fetch, but works with lists of objects. SQL filters are much more optimal.
( authorizer rbac.Authorizer, action policy.Action, f DatabaseFunc, )
| 1109 | // fetchWithPostFilter is like fetch, but works with lists of objects. |
| 1110 | // SQL filters are much more optimal. |
| 1111 | func fetchWithPostFilter[ |
| 1112 | ArgumentType any, |
| 1113 | ObjectType rbac.Objecter, |
| 1114 | DatabaseFunc func(ctx context.Context, arg ArgumentType) ([]ObjectType, error), |
| 1115 | ]( |
| 1116 | authorizer rbac.Authorizer, |
| 1117 | action policy.Action, |
| 1118 | f DatabaseFunc, |
| 1119 | ) DatabaseFunc { |
| 1120 | return func(ctx context.Context, arg ArgumentType) (empty []ObjectType, err error) { |
| 1121 | // Fetch the rbac subject |
| 1122 | act, ok := ActorFromContext(ctx) |
| 1123 | if !ok { |
| 1124 | return empty, ErrNoActor |
| 1125 | } |
| 1126 | |
| 1127 | // Fetch the database object |
| 1128 | objects, err := f(ctx, arg) |
| 1129 | if err != nil { |
| 1130 | return nil, xerrors.Errorf("fetch object: %w", err) |
| 1131 | } |
| 1132 | |
| 1133 | // Authorize the action |
| 1134 | return rbac.Filter(ctx, authorizer, act, action, objects) |
| 1135 | } |
| 1136 | } |
| 1137 | |
| 1138 | // prepareSQLFilter is a helper function that prepares a SQL filter using the |
| 1139 | // given authorization context. |
no test coverage detected