@porterm/graphql-workspace-authorizer-transformer-v2 v0.9.8-alpha
🚒 Add workspaces based auth flow to all queries and mutations!
graphql-workspace-authorizer-transformer-v2
This transformer is intended to be used with @model and @auth directives. If you don't implement @auth directive, you may have vulnerabilities like Sandbox bypass.
##Local instalation, run this command located in the project where you want to install this module
npm install /path/to/root/graph-workdpace-authorizer-v2
##Build
npm run-script build
Installation
npm install --save @porterm/graphql-workspace-authorizer-transformer-v2
How to use
Setup custom transformer
Edit amplify/backend/api/<YOUR_API>/transform.conf.json and append "@porterm/graphql-workspace-authorizer-transformer-v2" to the transformers field.
"transformers": [
"@porterm/graphql-workspace-authorizer-transformer-v2"
]Use @workspaceAuthV2 directive
Append @workspaceAuthV2 to target types and add the params.
type Todo @model @workspaceAuthV2(
ownershipModel: {
modelName: "Ownership",
userIdFieldName: "userID",
workspaceIdFieldName: "companyID",
indexName: "byUserIdAndCompanyId",
roleFieldName: "role"
},
rules: [{
groups: ["owner", "admin", "editor"],
operations: ["create", "update", "delete", "read"]
}] ,
cognitoGroupExceptions: ["Administrator"]
) {
id: ID!
title: String!
description: String
}Contribute 🦸
Please feel free to create, comment and of course solve some of the issues. To get started you can also go for the easier issues marked with the good first issue label if you like.
Development
- It is important to always make sure the version of the installed
graphqldependency matches thegraphqlversion thegraphql-transformer-coredepends on.
License
The MIT License
Credits
The graphql-workspace-authorizer-transformer-v2 project is maintained by Porter Metrics