GQL, DatasetMetadata: correct processing of dataset's dependencies th…

…at are not found

resources/schema.gql

@@ -646,11 +646,11 @@ type DatasetMetadata {
 	"""
 	Current upstream dependencies of a dataset
 	"""
-	currentUpstreamDependencies: [UpstreamDatasetResult!]!
+	currentUpstreamDependencies: [DependencyDatasetResult!]!
 	"""
 	Current downstream dependencies of a dataset
 	"""
-	currentDownstreamDependencies: [Dataset!]!
+	currentDownstreamDependencies: [DependencyDatasetResult!]!
 	"""
 	Current polling source used by the root dataset
 	"""
@@ -849,6 +849,20 @@ type DeleteResultSuccess implements DeleteResult {
 	message: String!
 }
 
+interface DependencyDatasetResult {
+	message: String!
+}
+
+type DependencyDatasetResultFound implements DependencyDatasetResult {
+	dataset: Dataset!
+	message: String!
+}
+
+type DependencyDatasetResultNotFound implements DependencyDatasetResult {
+	datasetId: DatasetID!
+	message: String!
+}
+
 type DisablePollingSource {
 	dummy: String
 }
@@ -1996,21 +2010,6 @@ interface UpdateReadmeResult {
 	message: String!
 }
 
-interface UpstreamDatasetResult {
-	message: String!
-}
-
-type UpstreamDatasetResultFound implements UpstreamDatasetResult {
-	dataset: Dataset!
-	message: String!
-}
-
-type UpstreamDatasetResultNotFound implements UpstreamDatasetResult {
-	datasetId: DatasetID!
-	datasetAlias: DatasetAlias!
-	message: String!
-}
-
 type ViewAccessToken {
 	"""
 	Unique identifier of the access token

src/adapter/auth-oso-rebac/src/oso_dataset_authorizer.rs

@@ -235,6 +235,50 @@ impl DatasetActionAuthorizer for OsoDatasetAuthorizer {
             unauthorized_handles_with_errors: unmatched_results,
         })
     }
+
+    async fn classify_dataset_ids_by_allowance(
+        &self,
+        dataset_ids: Vec<odf::DatasetID>,
+        action: DatasetAction,
+    ) -> Result<ClassifyByAllowanceIdsResponse, InternalError> {
+        let user_actor = self.user_actor().await?;
+        let mut authorized_ids = Vec::with_capacity(dataset_ids.len());
+        let mut unauthorized_ids_with_errors = Vec::new();
+
+        let dataset_resources_resolution = self
+            .oso_resource_service
+            .get_multiple_dataset_resources(&dataset_ids)
+            .await
+            .int_err()?;
+
+        for (dataset_id, dataset_resource) in dataset_resources_resolution.resolved_resources {
+            let is_allowed = self
+                .kamu_auth_oso
+                .is_allowed(user_actor.clone(), action, dataset_resource)
+                .int_err()?;
+
+            if is_allowed {
+                authorized_ids.push(dataset_id);
+            } else {
+                let dataset_ref = dataset_id.as_local_ref();
+                unauthorized_ids_with_errors.push((
+                    dataset_id,
+                    DatasetActionUnauthorizedError::Access(AccessError::Forbidden(
+                        DatasetActionNotEnoughPermissionsError {
+                            action,
+                            dataset_ref,
+                        }
+                        .into(),
+                    )),
+                ));
+            }
+        }
+
+        Ok(ClassifyByAllowanceIdsResponse {
+            authorized_ids,
+            unauthorized_ids_with_errors,
+        })
+    }
 }
 
 ////////////////////////////////////////////////////////////////////////////////////////////////////////////////////////

src/adapter/graphql/Cargo.toml

@@ -48,7 +48,9 @@ datafusion = { version = "43", default-features = false, features = [
     "serde",
 ] } # TODO: Currently needed for type conversions but ideally should be encapsulated by kamu-core
 dill = "0.9"
-futures = "0.3"
+futures = { version = "0.3", default-features = false, features = [
+    "alloc"
+] }
 secrecy = "0.10"
 serde = { version = "1", default-features = false }
 serde_json = "1"