1.0.3 • Published 7 years ago

graphql-acl v1.0.3

Weekly downloads
2
License
MIT
Repository
github
Last release
7 years ago

GraphQL ACL

Specify allowed fields for roles. Create big scheme with all fields and allow only some fields to roles.

Installation:

Using npm:

$ npm i --save graphql-acl

Example:

ACL:

Configure object representing allowed fields.

const acl = {
  user: true,
  articles: {
    title: true,
    author: {
      name: true
    }
  }
}

Scheme:

{
  user: {
    name: String,
    surname: String,
    email: String
  },
  articles: {
    id: Number,
    title: String,
    perex: String,
    content: String,
    views: Number,
    author: {
      name: String,
      surname: String
    }
  }
}

Result:

Generated schema contains only allowed fields.

{
  user: {
    name: String,
    surname: String,
    email: String
  },
  articles: {
    title: String,
    author: {
      name: String
    }
  }
}

Implementation:

createGraphQLObjectType(props, fields) => function (acl)

Return function which expect acl as param and generate GraphQLObjectType.

props - {Object} - GraphQLObjectType properties

fields - {Object} - expect GQL object or function which returns GQL object

index.js
const { GraphQLSchema } = require('graphql')

const {ROLES, ACL} = require('./acl')
const createRoot = require('./root')

const userSchema = new GraphQLSchema({
  description: 'User graphQL',
  query: createRoot(ACL[ROLES.USER])
})

const adminSchema = new GraphQLSchema({
  description: 'Admin graphQL',
  query: createRoot(ACL[ROLES.ADMIN])
})
root.js
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')

const createUser = require('./user')

const user = acl => ({
  description: 'User object',
  type: createUser(acl)
})

const version = ({
  description: 'Version',
  type: GraphQLString
})

const createRoot = createGraphQLObjectType({
  name: 'Query'
}, {
  user,
  version
})

module.exports = createRoot
user.js
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')

const name = ({
  description: 'Name',
  type: GraphQLString
})

const surname = ({
  description: 'Surname',
  type: GraphQLString
})

const createUser = createGraphQLObjectType({
  name: 'User'
}, {
  name,
  surname
})

module.exports = createUser
acl.js
const ROLES = {
  USER: 'USER',
  ADMIN: 'ADMIN'
}

const userAcl = {
  user: {
    name: true
  }
}

const ACL = {
  [ROLES.USER]: userAcl,
  [ROLES.ADMIN]: true // Allow everything
}

module.exports = {
  ROLES,
  ACL
}
graphgqaclpermissionsroles
graphql
@infinitebrahmanuniverse/nolb-graphql-a@everything-registry/sub-chunk-1784@zalastax/nolb-graphql-a
1.0.3

7 years ago

1.0.2

7 years ago

1.0.1

7 years ago

1.0.0

7 years ago