无法引用联合外部的列

时间:2019-07-07 16:03:39

标签: sql node.js postgresql knex.js

我正在我的应用程序中实现基于角色的访问控制,并且如果一个角色继承了另一个角色,则需要选择包括额外的一行。

我尝试在子查询中使用带有where子句的联合。我正在使用postgres。

使用knex,我的代码如下:

export const rowToJSONArray = (query: QueryBuilder, column: string) => {
  const id = randomBytes(8).toString("hex")

  return `
    ARRAY(
      SELECT
        row_to_json("${id}")
      FROM ( ${query.toQuery()} ) as "${id}"
    ) as "${column}"
  `
}

export const getPermissionListQuery = (as = "Role_permissions") => {
  const subquery = db
    .select("name", "type")
    .from("Permissions")
    .join("RolePermissions", "RolePermissions.permissionId", "Permissions.id")
    .where("RolePermissions.roleId", db.raw(`"Roles"."id"`))

  return rowToJSONArray(subquery, as)
}

export const getUserRoleListQuery = (withPermissions = false) => {
  const subquery = db
    .select("name")
    .from("Roles")
    .leftJoin("UserRoles", "Roles.id", "UserRoles.roleId")
    .where("UserRoles.userId", db.raw(`"Users"."id"`))
    .orWhere("Roles.id", db.raw(DEFAULT_ROLE_ID)) // imply the default role always
    .union(query => {
      query
        .select("name")
        .from("Roles as UnionRoles")
        .where("Roles.inheritId", "UnionRoles.id")
    })
    .orderBy("Roles.priority", "asc")

  if (withPermissions) {
    subquery.select(db.raw(getPermissionListQuery("permissions")))
  }

  return rowToJSONArray(subquery, "User_roles")
}

因此,我希望如果理论上角色1继承角色2,如果用户具有角色1,则角色2也将包括在用户具有的角色列表中。

但是,我却收到此错误:

error: invalid reference to FROM-clause entry for table "Roles"
hint: 'Perhaps you meant to reference the table alias "UnionRoles".'

1 个答案:

答案 0 :(得分:1)

这是生成的Postgres查询的外观。 测试数据

create table Roles (
  id int not null
  ,inheritId int
  ,"name" varchar(50) 
);    
insert into Roles(id, inheritId, "name")
values
  (1,null,'Role 1')
 ,(2,1,'Role 2')
 ,(3,2,'Role 3')
 ,(4,2,'Role 4');

create table Users (
  id int not null
  ,"name" varchar(50) 
);
insert into Users(id, "name")
values
  (1,'User A')
 ,(2,'User B')
 ,(3,'User C')
 ,(4,'User D');

create table UserRoles (
  userId int not null
  ,roleId int not null
);
insert into UserRoles(userId, roleId)
values
   (1,1)
  ,(1,4)
  ,(3,3) -- changed it
  ,(4,4); 

两个使用相同递归CTE的查询。 CTE遍历继承链以找到所有以任意角色开头的有效角色。

用户+有效角色:

with recursive r as(
   select id as baseid, inheritid, "name"
   from Roles
   union all
   select r.baseid, c.inheritid, c."name"
   from r
   join Roles c on c.Id = r.inheritid
)
select distinct u."name" as userName, r."name"  as roleName
from users u 
join userRoles ur on ur.userId = u.Id
join r on r.baseId = ur.roleId
order by u."name", r."name"; 

输出

username    rolename
User A  Role 1
User A  Role 2
User A  Role 4
User C  Role 1
User C  Role 2
User C  Role 3
User D  Role 1
User D  Role 2
User D  Role 4 

用户的有效角色名称

with recursive r as(
   select id as baseid,  inheritid, "name"
   from Roles
   union all
   select r.baseid,  c.inheritid, c."name"
   from r
   join Roles c on c.Id = r.inheritid
)
select distinct r."name"
from userRoles ur
join r on r.baseId = ur.roleId
where ur.userId=3
order by r."name";

输出

name
Role 1
Role 2
Role 3

我对Knex不太熟练,希望这将有助于您以正确的方式建立查询。

编辑
添加权限

create table Permissions (
    id int
   ,"name" varchar(50) 
   ,"type" varchar(50) 
);

insert into Permissions (id, "name", "type")
values 
     (1, 'pm1', 'ptype1')
    ,(2, 'pm2', 'ptype1')
    ,(3, 'pm3', 'ptype2')
    ,(4, 'pm4', 'ptype2');

create table RolePermissions(
   permissionId int not null
  ,roleId int not null
);
insert into RolePermissions(permissionId, roleId)
values 
     (1, 1)  
    ,(2, 1)  
    ,(1, 3)  
    ,(2, 3)
    ,(3, 3)
    ,(2, 4)
    ,(4, 4);

用户的有效权限。请注意effectiveId,因为我们仅使用角色名称,因此以前的查询中并不需要该角色,此处可以省略角色的"Name"

with recursive r as(
   select id as baseid, id as effectiveId, inheritid, "name"
   from Roles
   union all
   select r.baseid, c.id, c.inheritid, c."name"
   from r
   join Roles c on c.Id = r.inheritid
)
select distinct p."name" permissionName
   , p."type" permissionType
from userRoles ur
join r on r.baseId = ur.roleId
join RolePermissions rp on r.EffectiveId = rp.roleId
join Permissions p on rp.permissionId = p.id
where ur.userId=3
order by p."name"; 

返回

permissionname  permissiontype
pm1 ptype1
pm2 ptype1
pm3 ptype2

Fiddle

您可能希望根据需要更改select列表和order by子句。