Specify allowed fields for roles. Create big scheme with all fields and allow only some fields to roles.
Using npm:
$ npm i --save graphql-acl
Configure object representing allowed fields.
const acl = {
user: true,
articles: {
title: true,
author: {
name: true
}
}
}
{
user: {
name: String,
surname: String,
email: String
},
articles: {
id: Number,
title: String,
perex: String,
content: String,
views: Number,
author: {
name: String,
surname: String
}
}
}
Generated schema contains only allowed fields.
{
user: {
name: String,
surname: String,
email: String
},
articles: {
title: String,
author: {
name: String
}
}
}
Return function which expect acl as param and generate GraphQLObjectType.
props
- {Object} - GraphQLObjectType properties
fields
- {Object} - expect GQL object or function which returns GQL object
const { GraphQLSchema } = require('graphql')
const {ROLES, ACL} = require('./acl')
const createRoot = require('./root')
const userSchema = new GraphQLSchema({
description: 'User graphQL',
query: createRoot(ACL[ROLES.USER])
})
const adminSchema = new GraphQLSchema({
description: 'Admin graphQL',
query: createRoot(ACL[ROLES.ADMIN])
})
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')
const createUser = require('./user')
const user = acl => ({
description: 'User object',
type: createUser(acl)
})
const version = ({
description: 'Version',
type: GraphQLString
})
const createRoot = createGraphQLObjectType({
name: 'Query'
}, {
user,
version
})
module.exports = createRoot
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')
const name = ({
description: 'Name',
type: GraphQLString
})
const surname = ({
description: 'Surname',
type: GraphQLString
})
const createUser = createGraphQLObjectType({
name: 'User'
}, {
name,
surname
})
module.exports = createUser
const ROLES = {
USER: 'USER',
ADMIN: 'ADMIN'
}
const userAcl = {
user: {
name: true
}
}
const ACL = {
[ROLES.USER]: userAcl,
[ROLES.ADMIN]: true // Allow everything
}
module.exports = {
ROLES,
ACL
}