update parser tests

rilldata · Jan 15, 2025 · b2e84ed · b2e84ed
1 parent 61ad17b
commit b2e84ed
Show file tree

Hide file tree

Showing 2 changed files with 30 additions and 1 deletion.
diff --git a/runtime/compilers/rillv1/parse_api.go b/runtime/compilers/rillv1/parse_api.go
@@ -3,6 +3,7 @@ package rillv1
 import (
 	"fmt"
 
+	runtimev1 "github.com/rilldata/rill/proto/gen/rill/runtime/v1"
 	"github.com/rilldata/rill/runtime/pkg/openapiutil"
 	"google.golang.org/protobuf/types/known/structpb"
 	"gopkg.in/yaml.v3"
@@ -34,6 +35,7 @@ func (p *Parser) parseAPI(node *Node) error {
 	}
 
 	// Validate
+	var rules []*runtimev1.SecurityRule
 	var openapiSummary string
 	var openapiParams []*structpb.Struct
 	var openapiSchema *structpb.Struct
@@ -62,7 +64,7 @@ func (p *Parser) parseAPI(node *Node) error {
 		}
 	}
 
-	rules, err := tmp.Security.Proto()
+	rules, err = tmp.Security.Proto()
 	if err != nil {
 		return fmt.Errorf("failed to parse security rules: %w", err)
 	}

diff --git a/runtime/compilers/rillv1/parser_test.go b/runtime/compilers/rillv1/parser_test.go
@@ -1803,6 +1803,13 @@ sql: select * from m1
 		`apis/a2.yaml`: `
 type: api
 metrics_sql: select * from m1
+`,
+		// api a3 with security rules
+		`apis/a3.yaml`: `
+type: api
+sql: select * from m1
+security:
+  access: true
 `,
 	})
 
@@ -1823,6 +1830,9 @@ metrics_sql: select * from m1
 			APISpec: &runtimev1.APISpec{
 				Resolver:           "sql",
 				ResolverProperties: must(structpb.NewStruct(map[string]any{"connector": "duckdb", "sql": "select * from m1"})),
+				SecurityRules: []*runtimev1.SecurityRule{
+					{Rule: &runtimev1.SecurityRule_Access{Access: &runtimev1.SecurityRuleAccess{}}},
+				},
 			},
 		},
 		{
@@ -1831,6 +1841,23 @@ metrics_sql: select * from m1
 			APISpec: &runtimev1.APISpec{
 				Resolver:           "metrics_sql",
 				ResolverProperties: must(structpb.NewStruct(map[string]any{"sql": "select * from m1"})),
+				SecurityRules: []*runtimev1.SecurityRule{
+					{Rule: &runtimev1.SecurityRule_Access{Access: &runtimev1.SecurityRuleAccess{}}},
+				},
+			},
+		},
+		{
+			Name:  ResourceName{Kind: ResourceKindAPI, Name: "a3"},
+			Paths: []string{"/apis/a3.yaml"},
+			APISpec: &runtimev1.APISpec{
+				Resolver:           "sql",
+				ResolverProperties: must(structpb.NewStruct(map[string]any{"connector": "duckdb", "sql": "select * from m1"})),
+				SecurityRules: []*runtimev1.SecurityRule{
+					{Rule: &runtimev1.SecurityRule_Access{Access: &runtimev1.SecurityRuleAccess{
+						Condition: "true",
+						Allow:     true,
+					}}},
+				},
 			},
 		},
 	}