You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Right now, setting the directive schema as following, it returns the information to all the clients:
directive @auth(
requires: Role = ADMIN,
) on OBJECT | FIELD_DEFINITION
enum Role {
ADMIN
REVIEWER
USER
UNKNOWN
}
type Query {
add(x: Int, y: Int): Int @auth(requires: ADMIN)
}
Hasura applies a different technique: it returns only the schema that applies its rules.
So, using this logic to the @auth directive, we could filter the returned GraphQL schema.
The user's client will see only those query and field it should see.
This requires that the user adds to the client additional information (such as an auth token) to get access to all the GraphQL Schema and documentation.
The text was updated successfully, but these errors were encountered:
Right now, setting the directive schema as following, it returns the information to all the clients:
Then running the query:
Returns the meta-fields
Hasura applies a different technique: it returns only the schema that applies its rules.
So, using this logic to the
@auth
directive, we could filter the returned GraphQL schema.The user's client will see only those
query
andfield
it should see.This requires that the user adds to the client additional information (such as an auth token) to get access to all the GraphQL Schema and documentation.
The text was updated successfully, but these errors were encountered: