New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(field-level-auth): Add field level auth support via the @auth directive #1262
feat(field-level-auth): Add field level auth support via the @auth directive #1262
Conversation
Changes: - Added the 'operations' argument to the AuthRule input used by the @auth directive. - Made backwards compatible changes such that @auth directives that use the 'operations' argument protect @connection resolvers. - Added support for field level @auth directives. Protect query resolvers on any type and mutations on @models. - Many new e2e tests for field level authorization checks. - Refactor existing tests to make debugging and coverage easier to understand.
…auth support via the @auth dire Adding support for field level authorization via the @auth directive. re #1043 Cleaning up tests
…oid CFN cyclic dep
0672f3d
to
7741391
Compare
Implements proposals 1 & 5 from #1043. |
…ck to avoid CFN cyclic dep" This reverts commit 7741391.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks like there are merge conflicts. Can you resolve them
).toEqual('AMAZON_COGNITO_USER_POOLS') | ||
expect( | ||
out.resolvers['Query.getPost.res.vtl'] | ||
).toContain('Authorization rule:') |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you think these would be good candidate for snapshot tests?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Perhaps. Do you mean storing the output and then diffing them between runs?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yes. Jest has built in support for that.
expect(out.resolvers['Query.getPost.res.vtl']).toMatchSnapshot();
this should do it.
I think we should have both assertions, since in PR people tend to miss the snapshot if it grows a lot
packages/graphql-transformers-e2e-tests/src/__tests__/ModelAuthTransformer.e2e.test.ts
Outdated
Show resolved
Hide resolved
packages/graphql-transformers-e2e-tests/src/__tests__/ModelAuthTransformer.e2e.test.ts
Outdated
Show resolved
Hide resolved
@mikeparisstuff I think you meant "1 & 4". |
…rective (aws-amplify#1262) * feat(@auth directive transformer and e2e tests.): Adding field level auth support via the @auth dire Changes: - Added the 'operations' argument to the AuthRule input used by the @auth directive. - Made backwards compatible changes such that @auth directives that use the 'operations' argument protect @connection resolvers. - Added support for field level @auth directives. Protect query resolvers on any type and mutations on @models. - Many new e2e tests for field level authorization checks. - Refactor existing tests to make debugging and coverage easier to understand. re #1043
This pull request has been automatically locked since there hasn't been any recent activity after it was closed. Please open a new issue for related bugs. Looking for a help forum? We recommend joining the Amplify Community Discord server |
Issue #, if available:
#1043
Description of changes:
Adding support for field level authorization via the @auth directive.
This addresses proposals 1 & 4 in #1043.
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.