* addUserFilterToFilter makes sure that user can't misue filters to access other user's info. If the *filter* have type(dgraph.type.Group) or type(dgraph.type.User) functions, it generate a *newFilter* with function like eq(dgraph.xid, userId) or eq(dgraph.xid,groupId...) and return a filter
(filter *dql.FilterTree, userId string, groupIds []string)
| 1277 | } |
| 1278 | */ |
| 1279 | func addUserFilterToFilter(filter *dql.FilterTree, userId string, |
| 1280 | groupIds []string) *dql.FilterTree { |
| 1281 | |
| 1282 | if filter == nil { |
| 1283 | return nil |
| 1284 | } |
| 1285 | |
| 1286 | if filter.Func != nil && filter.Func.Name == "type" { |
| 1287 | |
| 1288 | // type function supports only one argument |
| 1289 | if len(filter.Func.Args) != 1 { |
| 1290 | return nil |
| 1291 | } |
| 1292 | arg := filter.Func.Args[0] |
| 1293 | var newFilter *dql.FilterTree |
| 1294 | switch arg.Value { |
| 1295 | case "dgraph.type.User": |
| 1296 | newFilter = userFilter(userId) |
| 1297 | case "dgraph.type.Group": |
| 1298 | newFilter = groupFilter(groupIds) |
| 1299 | } |
| 1300 | |
| 1301 | // If filter have function, it can't have children. |
| 1302 | return parentFilter(newFilter, filter) |
| 1303 | } |
| 1304 | |
| 1305 | for idx, child := range filter.Child { |
| 1306 | filter.Child[idx] = addUserFilterToFilter(child, userId, groupIds) |
| 1307 | } |
| 1308 | |
| 1309 | return filter |
| 1310 | } |
| 1311 | |
| 1312 | // removePredsFromQuery removes all the predicates in blockedPreds |
| 1313 | // from all the queries in gqs. |
no test coverage detected