Add wildcard permission (permission for all types)

__tests__/permissions.js

@@ -102,6 +102,73 @@ describe('Permissions', () => {
       RethinkDB.db(db).table(PERMISSION_TABLE).delete().run(conn);
     });
 
+    it('wildcard permissions', async () => {
+      const permission = await runQuery(`mutation createPermission {
+        createReindexPermission(input: {
+          clientMutationId: "",
+          ReindexPermission: {
+            read: true,
+            create: true,
+            update: true,
+            delete: true,
+          }
+        }) {
+          ReindexPermission {
+            id
+          }
+        }
+      }`, {
+        isAdmin: true,
+      });
+
+      const permissionId = permission
+        .data.createReindexPermission.ReindexPermission.id;
+
+      assert.deepEqual(permission, {
+        data: {
+          createReindexPermission: {
+            ReindexPermission: {
+              id: permissionId,
+            },
+          },
+        },
+      });
+
+      const id = toReindexID({
+        type: 'Micropost',
+        value: 'f2f7fb49-3581-4caa-b84b-e9489eb47d84',
+      });
+
+      assert.deepEqual(await runQuery(`{ node(id: "${id}") { id } }`), {
+        data: {
+          node: {
+            id,
+          },
+        },
+      });
+
+      assert.deepEqual(await runQuery(`mutation deletePermission {
+        deleteReindexPermission(input: {
+          clientMutationId: "",
+          id: "${permissionId}"
+        }) {
+          ReindexPermission {
+            id
+          }
+        }
+      }`, {
+        isAdmin: true,
+      }), {
+        data: {
+          deleteReindexPermission: {
+            ReindexPermission: {
+              id: permissionId,
+            },
+          },
+        },
+      });
+    });
+
     it('node uses permissions properly', async () => {
       const id = toReindexID({
         type: 'Micropost',

bin/create-app.js

@@ -20,6 +20,15 @@ async function createDatabase(dbName) {
     interfaces: ['Node'],
   }).run(conn);
 
+  await RethinkDB.db(dbName).table('ReindexPermissions').insert({
+    type: null,
+    user: null,
+    read: true,
+    create: true,
+    update: true,
+    delete: true,
+  }).run(conn);
+
   return conn;
 }
 

graphQL/builtins/createPermission.js

@@ -24,7 +24,7 @@ export default function createPermission(interfaces, getTypeSet) {
           resolve: createNodeFieldResolve('User', 'user'),
         },
         type: {
-          type: new GraphQLNonNull(getTypeSet('ReindexType').type),
+          type: getTypeSet('ReindexType').type,
           resolve: createNodeFieldResolve('ReindexType', 'type'),
         },
         read: {

graphQL/getGraphQLContext.js

@@ -36,17 +36,22 @@ function extractPermissions(permissions, types) {
     .mapValues((value) => value[0].name)
     .value();
 
+  const allTypesPermissions = permissions
+    .filter((permission) => !permission.type);
+
   return chain(permissions)
-          .groupBy((permission) => typesByID[permission.type.value])
-          .mapValues((typePermissions) => chain(typePermissions)
-            .groupBy((permission) => (
-              permission.user ? permission.user.value : 'anonymous'
-            ))
-            .mapValues((userPermissions) => (
-              userPermissions.reduce(combinePermissions)
-            ), {})
-            .value())
-          .value();
+    .filter((permission) => permission.type)
+    .groupBy((permission) => typesByID[permission.type.value])
+    .mapValues((typePermissions) => typePermissions.concat(allTypesPermissions))
+    .mapValues((typePermissions) => chain(typePermissions)
+      .groupBy((permission) => (
+        permission.user ? permission.user.value : 'anonymous'
+      ))
+      .mapValues((userPermissions) => (
+        userPermissions.reduce(combinePermissions, {})
+      ))
+      .value())
+    .value();
 }
 
 function extractConnectionPermissions(types) {