feature: filtered schema

[Eomm]

Right now, setting the directive schema as following, it returns the information to all the clients:

directive @auth(
  requires: Role = ADMIN,
) on OBJECT | FIELD_DEFINITION

enum Role {
  ADMIN
  REVIEWER
  USER
  UNKNOWN
}

type Query {
  add(x: Int, y: Int): Int @auth(requires: ADMIN) 
}

Then running the query:

{
  __schema {
    queryType {
      fields {
        name
      }
    }
  }
}

Returns the meta-fields

{
  "data": {
    "__schema": {
      "queryType": {
        "fields": [
          {
            "name": "add"
          }
        ]
      }
    }
  }
}

Hasura applies a different technique: it returns only the schema that applies its rules.

So, using this logic to the @auth directive, we could filter the returned GraphQL schema.
The user's client will see only those query and field it should see.

This requires that the user adds to the client additional information (such as an auth token) to get access to all the GraphQL Schema and documentation.

[jonnydgreen]

Great idea, this could be really useful - would you be interested in drafting a PR for this?

[Eomm]

Yeah, working on it