Update deps incl. accumulo-access; add functions to return accumulo a…

…ccess expressions as pg::json or json string
larsw · May 15, 2024 · ff1abe2 · ff1abe2
1 parent c184b9c
commit ff1abe2
Show file tree

Hide file tree

Showing 2 changed files with 55 additions and 4 deletions.
diff --git a/Cargo.toml b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "accumulo_access_pg"
-version = "0.1.3"
+version = "0.1.4"
 edition = "2021"
 authors = ["Lars Wilhelmsen <[email protected]>"]
 description = "PostgreSQL extension for parsing and evaluating Accumulo Access Expressions"
@@ -20,12 +20,15 @@ default = ["pg15"]
 pg15 = ["pgrx/pg15", "pgrx-tests/pg15"]
 # pg16 = ["pgrx/pg16", "pgrx-tests/pg16" ]
 pg_test = []
+#jwt = ["jsonwebtoken"]
 
 [dependencies]
 #accumulo-access = { path = "../accumulo-access-rs/accumulo-access", features = ["caching"] } # for local dev
 accumulo-access = "0.1"
 pgrx = "=0.11.4"
-serde = { version = "1.0.195", features = ["derive"] }
+serde = { version = "1.0", features = ["derive"] }
+serde_json = { version = "1.0"}
+#jsonwebtoken = { version = "9.3.0", optional = true }
 
 [dev-dependencies]
 pgrx-tests = "=0.11.4"

diff --git a/src/lib.rs b/src/lib.rs
@@ -1,9 +1,19 @@
 // Copyright 2024 Lars Wilhelmsen <[email protected]>. All rights reserved.
 // Use of this source code is governed by the MIT or Apache-2.0 license that can be found in the LICENSE-MIT or LICENSE-APACHE files.
 
-use accumulo_access::caching::{authz_cache_stats, check_authorization_csv, clear_authz_cache};
+use accumulo_access::{
+    expression_to_json_string,
+    expression_to_json,
+};
+
+use accumulo_access::caching::{
+    authz_cache_stats,
+    check_authorization_csv,
+    clear_authz_cache,
+};
 use pgrx::prelude::*;
 use serde::{Deserialize, Serialize};
+use serde_json::Value::Null;
 
 pg_module_magic!();
 
@@ -59,6 +69,44 @@ fn sec_authz_clear_cache() -> bool {
     }
 }
 
+#[pg_extern]
+fn sec_expr_as_json_string(expression: Option<&str>) -> String {
+    if expression.is_none() {
+        return "".into();
+    }
+    let expression = expression.unwrap();
+    if expression.is_empty() {
+        return "".into();
+    }
+
+    match expression_to_json_string(expression) {
+        Ok(json) => json.as_str().into(),
+        Err(e) => {
+            let msg = format!("Error parsing expression: {}", e);
+            error!("{}", msg)
+        }
+    }
+}
+
+#[pg_extern]
+fn sec_expr_as_json(expression: Option<&str>) -> pgrx::Json {
+    if expression.is_none() {
+        return pgrx::Json(Null);
+    }
+    let expression = expression.unwrap();
+    if expression.is_empty() {
+        return pgrx::Json(Null);
+    }
+
+    match expression_to_json(expression) {
+        Ok(json) => pgrx::Json(json),
+        Err(e) => {
+            let msg = format!("Error parsing expression: {}", e);
+            error!("{}", msg)
+        }
+    }
+}
+
 #[cfg(any(test, feature = "pg_test"))]
 #[pg_schema]
 mod tests {
@@ -68,7 +116,7 @@ mod tests {
     fn test_accumulo_check_authorization() {
         let expression = "label1 & label5 & (label2 | \"label 🕺\")";
         let tokens = "label1,label5,label 🕺";
-        assert_eq!(true, crate::sec_authz_check(Some(expression), Some(tokens)));
+        assert!(crate::sec_authz_check(Some(expression), Some(tokens)));
     }
 }