UNPKG

@aws-cdk/aws-redshift-alpha

Version:

The CDK Construct Library for AWS::Redshift

github.com/aws/aws-cdk

68 lines • 10.4 kB

JavaScript

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.UserTablePrivileges = void 0; const cdk = require("aws-cdk-lib/core"); const constructs_1 = require("constructs"); const table_1 = require("../table"); const database_query_1 = require("./database-query"); const handler_name_1 = require("./database-query-provider/handler-name"); /** * Privileges granted to a Redshift user on Redshift tables. * * This construct is located in the `private` directory to ensure that it is not exported for direct public use. This * means that user privileges must be managed through the `Table.grant` method or the `User.addTablePrivileges` * method. Thus, each `User` will have at most one `UserTablePrivileges` construct to manage its privileges. For details * on why this is a Good Thing, see the README, under "Granting Privileges". */ class UserTablePrivileges extends constructs_1.Construct { privileges; constructor(scope, id, props) { super(scope, id); this.privileges = props.privileges ?? []; new database_query_1.DatabaseQuery(this, 'Resource', { ...props, handler: handler_name_1.HandlerName.UserTablePrivileges, properties: { username: props.user.username, tablePrivileges: cdk.Lazy.any({ produce: () => Object.entries(groupPrivilegesByTable(this.privileges)) .map(([tableId, tablePrivileges]) => ({ tableId, // The first element always exists since the groupBy element is at least a singleton. tableName: tablePrivileges[0].table.tableName, actions: unifyTableActions(tablePrivileges).map(action => table_1.TableAction[action]), })), }), }, }); } /** * Grant this user additional privileges. */ addPrivileges(table, ...actions) { this.privileges.push({ table, actions }); } } exports.UserTablePrivileges = UserTablePrivileges; const unifyTableActions = (tablePrivileges) => { const set = new Set(tablePrivileges.flatMap(x => x.actions)); if (set.has(table_1.TableAction.ALL)) { return [table_1.TableAction.ALL]; } if (set.has(table_1.TableAction.UPDATE) || set.has(table_1.TableAction.DELETE)) { set.add(table_1.TableAction.SELECT); } return [...set]; }; const groupPrivilegesByTable = (privileges) => { return privileges.reduce((grouped, privilege) => { const { table } = privilege; const tableId = table.node.id; const tablePrivileges = grouped[tableId] ?? []; return { ...grouped, [tableId]: [...tablePrivileges, privilege], }; }, {}); }; //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicHJpdmlsZWdlcy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbInByaXZpbGVnZXMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6Ijs7O0FBQUEsd0NBQXdDO0FBQ3hDLDJDQUF1QztBQUV2QyxvQ0FBK0M7QUFFL0MscURBQWlEO0FBQ2pELHlFQUFxRTtBQW1DckU7Ozs7Ozs7R0FPRztBQUNILE1BQWEsbUJBQW9CLFNBQVEsc0JBQVM7SUFDeEMsVUFBVSxDQUFtQjtJQUVyQyxZQUFZLEtBQWdCLEVBQUUsRUFBVSxFQUFFLEtBQStCO1FBQ3ZFLEtBQUssQ0FBQyxLQUFLLEVBQUUsRUFBRSxDQUFDLENBQUM7UUFFakIsSUFBSSxDQUFDLFVBQVUsR0FBRyxLQUFLLENBQUMsVUFBVSxJQUFJLEVBQUUsQ0FBQztRQUV6QyxJQUFJLDhCQUFhLENBQWtDLElBQUksRUFBRSxVQUFVLEVBQUU7WUFDbkUsR0FBRyxLQUFLO1lBQ1IsT0FBTyxFQUFFLDBCQUFXLENBQUMsbUJBQW1CO1lBQ3hDLFVBQVUsRUFBRTtnQkFDVixRQUFRLEVBQUUsS0FBSyxDQUFDLElBQUksQ0FBQyxRQUFRO2dCQUM3QixlQUFlLEVBQUUsR0FBRyxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUM7b0JBQzVCLE9BQU8sRUFBRSxHQUFHLEVBQUUsQ0FDWixNQUFNLENBQUMsT0FBTyxDQUFDLHNCQUFzQixDQUFDLElBQUksQ0FBQyxVQUFVLENBQUMsQ0FBQzt5QkFDcEQsR0FBRyxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUUsZUFBZSxDQUFDLEVBQUUsRUFBRSxDQUFDLENBQUM7d0JBQ3BDLE9BQU87d0JBQ1AscUZBQXFGO3dCQUNyRixTQUFTLEVBQUUsZUFBZSxDQUFDLENBQUMsQ0FBRSxDQUFDLEtBQUssQ0FBQyxTQUFTO3dCQUM5QyxPQUFPLEVBQUUsaUJBQWlCLENBQUMsZUFBZSxDQUFDLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsbUJBQVcsQ0FBQyxNQUFNLENBQUMsQ0FBQztxQkFDL0UsQ0FBQyxDQUFDO2lCQUNSLENBQVE7YUFDVjtTQUNGLENBQUMsQ0FBQztLQUNKO0lBRUQ7O09BRUc7SUFDSCxhQUFhLENBQUMsS0FBYSxFQUFFLEdBQUcsT0FBc0I7UUFDcEQsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsRUFBRSxLQUFLLEVBQUUsT0FBTyxFQUFFLENBQUMsQ0FBQztLQUMxQztDQUNGO0FBakNELGtEQWlDQztBQUVELE1BQU0saUJBQWlCLEdBQUcsQ0FBQyxlQUFpQyxFQUFpQixFQUFFO0lBQzdFLE1BQU0sR0FBRyxHQUFHLElBQUksR0FBRyxDQUFjLGVBQWUsQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLENBQUMsQ0FBQztJQUUxRSxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsbUJBQVcsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1FBQzdCLE9BQU8sQ0FBQyxtQkFBVyxDQUFDLEdBQUcsQ0FBQyxDQUFDO0lBQzNCLENBQUM7SUFFRCxJQUFJLEdBQUcsQ0FBQyxHQUFHLENBQUMsbUJBQVcsQ0FBQyxNQUFNLENBQUMsSUFBSSxHQUFHLENBQUMsR0FBRyxDQUFDLG1CQUFXLENBQUMsTUFBTSxDQUFDLEVBQUUsQ0FBQztRQUMvRCxHQUFHLENBQUMsR0FBRyxDQUFDLG1CQUFXLENBQUMsTUFBTSxDQUFDLENBQUM7SUFDOUIsQ0FBQztJQUVELE9BQU8sQ0FBQyxHQUFHLEdBQUcsQ0FBQyxDQUFDO0FBQ2xCLENBQUMsQ0FBQztBQUVGLE1BQU0sc0JBQXNCLEdBQUcsQ0FBQyxVQUE0QixFQUFvQyxFQUFFO0lBQ2hHLE9BQU8sVUFBVSxDQUFDLE1BQU0sQ0FBQyxDQUFDLE9BQU8sRUFBRSxTQUFTLEVBQUUsRUFBRTtRQUM5QyxNQUFNLEVBQUUsS0FBSyxFQUFFLEdBQUcsU0FBUyxDQUFDO1FBQzVCLE1BQU0sT0FBTyxHQUFHLEtBQUssQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1FBQzlCLE1BQU0sZUFBZSxHQUFHLE9BQU8sQ0FBQyxPQUFPLENBQUMsSUFBSSxFQUFFLENBQUM7UUFDL0MsT0FBTztZQUNMLEdBQUcsT0FBTztZQUNWLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQyxHQUFHLGVBQWUsRUFBRSxTQUFTLENBQUM7U0FDM0MsQ0FBQztJQUNKLENBQUMsRUFBRSxFQUFzQyxDQUFDLENBQUM7QUFDN0MsQ0FBQyxDQUFDIiwic291cmNlc0NvbnRlbnQiOlsiaW1wb3J0ICogYXMgY2RrIGZyb20gJ2F3cy1jZGstbGliL2NvcmUnO1xuaW1wb3J0IHsgQ29uc3RydWN0IH0gZnJvbSAnY29uc3RydWN0cyc7XG5pbXBvcnQgeyBEYXRhYmFzZU9wdGlvbnMgfSBmcm9tICcuLi9kYXRhYmFzZS1vcHRpb25zJztcbmltcG9ydCB7IElUYWJsZSwgVGFibGVBY3Rpb24gfSBmcm9tICcuLi90YWJsZSc7XG5pbXBvcnQgeyBJVXNlciB9IGZyb20gJy4uL3VzZXInO1xuaW1wb3J0IHsgRGF0YWJhc2VRdWVyeSB9IGZyb20gJy4vZGF0YWJhc2UtcXVlcnknO1xuaW1wb3J0IHsgSGFuZGxlck5hbWUgfSBmcm9tICcuL2RhdGFiYXNlLXF1ZXJ5LXByb3ZpZGVyL2hhbmRsZXItbmFtZSc7XG5pbXBvcnQgeyBVc2VyVGFibGVQcml2aWxlZ2VzSGFuZGxlclByb3BzIH0gZnJvbSAnLi9oYW5kbGVyLXByb3BzJztcblxuLyoqXG4gKiBUaGUgUmVkc2hpZnQgdGFibGUgYW5kIGFjdGlvbiB0aGF0IG1ha2UgdXAgYSBwcml2aWxlZ2UgdGhhdCBjYW4gYmUgZ3JhbnRlZCB0byBhIFJlZHNoaWZ0IHVzZXIuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgVGFibGVQcml2aWxlZ2Uge1xuICAvKipcbiAgICogVGhlIHRhYmxlIG9uIHdoaWNoIHByaXZpbGVnZXMgd2lsbCBiZSBncmFudGVkLlxuICAgKi9cbiAgcmVhZG9ubHkgdGFibGU6IElUYWJsZTtcblxuICAvKipcbiAgICogVGhlIGFjdGlvbnMgdGhhdCB3aWxsIGJlIGdyYW50ZWQuXG4gICAqL1xuICByZWFkb25seSBhY3Rpb25zOiBUYWJsZUFjdGlvbltdO1xufVxuXG4vKipcbiAqIFByb3BlcnRpZXMgZm9yIHNwZWNpZnlpbmcgcHJpdmlsZWdlcyBncmFudGVkIHRvIGEgUmVkc2hpZnQgdXNlciBvbiBSZWRzaGlmdCB0YWJsZXMuXG4gKi9cbmV4cG9ydCBpbnRlcmZhY2UgVXNlclRhYmxlUHJpdmlsZWdlc1Byb3BzIGV4dGVuZHMgRGF0YWJhc2VPcHRpb25zIHtcbiAgLyoqXG4gICAqIFRoZSB1c2VyIHRvIHdoaWNoIHByaXZpbGVnZXMgd2lsbCBiZSBncmFudGVkLlxuICAgKi9cbiAgcmVhZG9ubHkgdXNlcjogSVVzZXI7XG5cbiAgLyoqXG4gICAqIFRoZSBwcml2aWxlZ2VzIHRvIGJlIGdyYW50ZWQuXG4gICAqXG4gICAqIEBkZWZhdWx0IFtdIC0gdXNlIGBhZGRQcml2aWxlZ2VzYCB0byBncmFudCBwcml2aWxlZ2VzIGFmdGVyIGNvbnN0cnVjdGlvblxuICAgKi9cbiAgcmVhZG9ubHkgcHJpdmlsZWdlcz86IFRhYmxlUHJpdmlsZWdlW107XG59XG5cbi8qKlxuICogUHJpdmlsZWdlcyBncmFudGVkIHRvIGEgUmVkc2hpZnQgdXNlciBvbiBSZWRzaGlmdCB0YWJsZXMuXG4gKlxuICogVGhpcyBjb25zdHJ1Y3QgaXMgbG9jYXRlZCBpbiB0aGUgYHByaXZhdGVgIGRpcmVjdG9yeSB0byBlbnN1cmUgdGhhdCBpdCBpcyBub3QgZXhwb3J0ZWQgZm9yIGRpcmVjdCBwdWJsaWMgdXNlLiBUaGlzXG4gKiBtZWFucyB0aGF0IHVzZXIgcHJpdmlsZWdlcyBtdXN0IGJlIG1hbmFnZWQgdGhyb3VnaCB0aGUgYFRhYmxlLmdyYW50YCBtZXRob2Qgb3IgdGhlIGBVc2VyLmFkZFRhYmxlUHJpdmlsZWdlc2BcbiAqIG1ldGhvZC4gVGh1cywgZWFjaCBgVXNlcmAgd2lsbCBoYXZlIGF0IG1vc3Qgb25lIGBVc2VyVGFibGVQcml2aWxlZ2VzYCBjb25zdHJ1Y3QgdG8gbWFuYWdlIGl0cyBwcml2aWxlZ2VzLiBGb3IgZGV0YWlsc1xuICogb24gd2h5IHRoaXMgaXMgYSBHb29kIFRoaW5nLCBzZWUgdGhlIFJFQURNRSwgdW5kZXIgXCJHcmFudGluZyBQcml2aWxlZ2VzXCIuXG4gKi9cbmV4cG9ydCBjbGFzcyBVc2VyVGFibGVQcml2aWxlZ2VzIGV4dGVuZHMgQ29uc3RydWN0IHtcbiAgcHJpdmF0ZSBwcml2aWxlZ2VzOiBUYWJsZVByaXZpbGVnZVtdO1xuXG4gIGNvbnN0cnVjdG9yKHNjb3BlOiBDb25zdHJ1Y3QsIGlkOiBzdHJpbmcsIHByb3BzOiBVc2VyVGFibGVQcml2aWxlZ2VzUHJvcHMpIHtcbiAgICBzdXBlcihzY29wZSwgaWQpO1xuXG4gICAgdGhpcy5wcml2aWxlZ2VzID0gcHJvcHMucHJpdmlsZWdlcyA/PyBbXTtcblxuICAgIG5ldyBEYXRhYmFzZVF1ZXJ5PFVzZXJUYWJsZVByaXZpbGVnZXNIYW5kbGVyUHJvcHM+KHRoaXMsICdSZXNvdXJjZScsIHtcbiAgICAgIC4uLnByb3BzLFxuICAgICAgaGFuZGxlcjogSGFuZGxlck5hbWUuVXNlclRhYmxlUHJpdmlsZWdlcyxcbiAgICAgIHByb3BlcnRpZXM6IHtcbiAgICAgICAgdXNlcm5hbWU6IHByb3BzLnVzZXIudXNlcm5hbWUsXG4gICAgICAgIHRhYmxlUHJpdmlsZWdlczogY2RrLkxhenkuYW55KHtcbiAgICAgICAgICBwcm9kdWNlOiAoKSA9PlxuICAgICAgICAgICAgT2JqZWN0LmVudHJpZXMoZ3JvdXBQcml2aWxlZ2VzQnlUYWJsZSh0aGlzLnByaXZpbGVnZXMpKVxuICAgICAgICAgICAgICAubWFwKChbdGFibGVJZCwgdGFibGVQcml2aWxlZ2VzXSkgPT4gKHtcbiAgICAgICAgICAgICAgICB0YWJsZUlkLFxuICAgICAgICAgICAgICAgIC8vIFRoZSBmaXJzdCBlbGVtZW50IGFsd2F5cyBleGlzdHMgc2luY2UgdGhlIGdyb3VwQnkgZWxlbWVudCBpcyBhdCBsZWFzdCBhIHNpbmdsZXRvbi5cbiAgICAgICAgICAgICAgICB0YWJsZU5hbWU6IHRhYmxlUHJpdmlsZWdlc1swXSEudGFibGUudGFibGVOYW1lLFxuICAgICAgICAgICAgICAgIGFjdGlvbnM6IHVuaWZ5VGFibGVBY3Rpb25zKHRhYmxlUHJpdmlsZWdlcykubWFwKGFjdGlvbiA9PiBUYWJsZUFjdGlvblthY3Rpb25dKSxcbiAgICAgICAgICAgICAgfSkpLFxuICAgICAgICB9KSBhcyBhbnksXG4gICAgICB9LFxuICAgIH0pO1xuICB9XG5cbiAgLyoqXG4gICAqIEdyYW50IHRoaXMgdXNlciBhZGRpdGlvbmFsIHByaXZpbGVnZXMuXG4gICAqL1xuICBhZGRQcml2aWxlZ2VzKHRhYmxlOiBJVGFibGUsIC4uLmFjdGlvbnM6IFRhYmxlQWN0aW9uW10pOiB2b2lkIHtcbiAgICB0aGlzLnByaXZpbGVnZXMucHVzaCh7IHRhYmxlLCBhY3Rpb25zIH0pO1xuICB9XG59XG5cbmNvbnN0IHVuaWZ5VGFibGVBY3Rpb25zID0gKHRhYmxlUHJpdmlsZWdlczogVGFibGVQcml2aWxlZ2VbXSk6IFRhYmxlQWN0aW9uW10gPT4ge1xuICBjb25zdCBzZXQgPSBuZXcgU2V0PFRhYmxlQWN0aW9uPih0YWJsZVByaXZpbGVnZXMuZmxhdE1hcCh4ID0+IHguYWN0aW9ucykpO1xuXG4gIGlmIChzZXQuaGFzKFRhYmxlQWN0aW9uLkFMTCkpIHtcbiAgICByZXR1cm4gW1RhYmxlQWN0aW9uLkFMTF07XG4gIH1cblxuICBpZiAoc2V0LmhhcyhUYWJsZUFjdGlvbi5VUERBVEUpIHx8IHNldC5oYXMoVGFibGVBY3Rpb24uREVMRVRFKSkge1xuICAgIHNldC5hZGQoVGFibGVBY3Rpb24uU0VMRUNUKTtcbiAgfVxuXG4gIHJldHVybiBbLi4uc2V0XTtcbn07XG5cbmNvbnN0IGdyb3VwUHJpdmlsZWdlc0J5VGFibGUgPSAocHJpdmlsZWdlczogVGFibGVQcml2aWxlZ2VbXSk6IFJlY29yZDxzdHJpbmcsIFRhYmxlUHJpdmlsZWdlW10+ID0+IHtcbiAgcmV0dXJuIHByaXZpbGVnZXMucmVkdWNlKChncm91cGVkLCBwcml2aWxlZ2UpID0+IHtcbiAgICBjb25zdCB7IHRhYmxlIH0gPSBwcml2aWxlZ2U7XG4gICAgY29uc3QgdGFibGVJZCA9IHRhYmxlLm5vZGUuaWQ7XG4gICAgY29uc3QgdGFibGVQcml2aWxlZ2VzID0gZ3JvdXBlZFt0YWJsZUlkXSA/PyBbXTtcbiAgICByZXR1cm4ge1xuICAgICAgLi4uZ3JvdXBlZCxcbiAgICAgIFt0YWJsZUlkXTogWy4uLnRhYmxlUHJpdmlsZWdlcywgcHJpdmlsZWdlXSxcbiAgICB9O1xuICB9LCB7fSBhcyBSZWNvcmQ8c3RyaW5nLCBUYWJsZVByaXZpbGVnZVtdPik7XG59O1xuIl19