| 728 | } |
| 729 | |
| 730 | func Compile(cfg regosql.ConvertConfig, pa *PartialAuthorizer) (AuthorizeFilter, error) { |
| 731 | root, err := regosql.ConvertRegoAst(cfg, pa.partialQueries) |
| 732 | if err != nil { |
| 733 | return nil, xerrors.Errorf("convert rego ast: %w", err) |
| 734 | } |
| 735 | |
| 736 | // Generate the SQL |
| 737 | gen := sqltypes.NewSQLGenerator() |
| 738 | sqlString := root.SQLString(gen) |
| 739 | if len(gen.Errors()) > 0 { |
| 740 | var errStrings []string |
| 741 | for _, err := range gen.Errors() { |
| 742 | errStrings = append(errStrings, err.Error()) |
| 743 | } |
| 744 | return nil, xerrors.Errorf("sql generation errors: %v", strings.Join(errStrings, ", ")) |
| 745 | } |
| 746 | |
| 747 | return &authorizedSQLFilter{ |
| 748 | sqlString: sqlString, |
| 749 | auth: pa, |
| 750 | }, nil |
| 751 | } |
| 752 | |
| 753 | func (a *authorizedSQLFilter) SQLString() string { |
| 754 | return a.sqlString |