feat(field-level-auth): Add field level auth support via the @auth directive #1262
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ghost
assigned
added 4 commits
April 11, 2019 16:00
Changes: - Added the 'operations' argument to the AuthRule input used by the @auth directive. - Made backwards compatible changes such that @auth directives that use the 'operations' argument protect @connection resolvers. - Added support for field level @auth directives. Protect query resolvers on any type and mutations on @models. - Many new e2e tests for field level authorization checks. - Refactor existing tests to make debugging and coverage easier to understand.
…auth support via the @auth dire Adding support for field level authorization via the @auth directive. re #1043 Cleaning up tests
…oid CFN cyclic dep
mikeparisstuff
force-pushed
the
per-field-auth
branch
from
0672f3d
to
7741391
Compare
mikeparisstuff
changed the title
mikeparisstuff
changed the title
|
Implements proposals 1 & 5 from #1043. |
yuth
changed the title
yuth
approved these changes
Apr 15, 2019
added 3 commits
April 15, 2019 11:28
…ck to avoid CFN cyclic dep" This reverts commit 7741391.
yuth
reviewed
Apr 15, 2019
| ).toEqual('AMAZON_COGNITO_USER_POOLS') | ||
| expect( | ||
| out.resolvers['Query.getPost.res.vtl'] | ||
| ).toContain('Authorization rule:') |
There was a problem hiding this comment.
Do you think these would be good candidate for snapshot tests?
There was a problem hiding this comment.
Perhaps. Do you mean storing the output and then diffing them between runs?
There was a problem hiding this comment.
Yes. Jest has built in support for that.
expect(out.resolvers['Query.getPost.res.vtl']).toMatchSnapshot();this should do it.
I think we should have both assertions, since in PR people tend to miss the snapshot if it grows a lot
packages/graphql-transformers-e2e-tests/src/__tests__/ModelAuthTransformer.e2e.test.ts
Outdated
Show resolved
Hide resolved
packages/graphql-transformers-e2e-tests/src/__tests__/ModelAuthTransformer.e2e.test.ts
Outdated
Show resolved
Hide resolved
yuth
approved these changes
Apr 15, 2019
yuth
approved these changes
Apr 15, 2019
@mikeparisstuff I think you meant "1 & 4". |
AlessandroVol23
pushed a commit
to AlessandroVol23/amplify-cli
that referenced
this pull request
May 16, 2019
…rective (aws-amplify#1262) * feat(@auth directive transformer and e2e tests.): Adding field level auth support via the @auth dire Changes: - Added the 'operations' argument to the AuthRule input used by the @auth directive. - Made backwards compatible changes such that @auth directives that use the 'operations' argument protect @connection resolvers. - Added support for field level @auth directives. Protect query resolvers on any type and mutations on @models. - Many new e2e tests for field level authorization checks. - Refactor existing tests to make debugging and coverage easier to understand. re #1043
This was referenced Mar 16, 2020
|
This pull request has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
#1043
Description of changes:
Adding support for field level authorization via the @auth directive.
This addresses proposals 1 & 4 in #1043.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.