Skip to content
This repository has been archived by the owner on Aug 31, 2021. It is now read-only.

Add support for restricted graphql users #84

Merged
merged 4 commits into from
Apr 18, 2019
Merged

Add support for restricted graphql users #84

merged 4 commits into from
Apr 18, 2019

Conversation

m0ar
Copy link
Contributor

@m0ar m0ar commented Apr 18, 2019

This PR:

  • Adds functionality to supply an access-restricted user for postgraphile introspection, limiting the data available in GraphQL. This is what can be set with GQ_USER & GQ_PASSWORD.
  • Bumps the version of postgraphile
  • Add env variable use of @ana0's schema selection stuff
  • Some general improvements of the postgraphile configuration:
    • pg-simplify-inflector plugin for less crazy name inference
    • disableDefaultMutations does what it says on the tin
    • exportGqlSchemaPath dumps the generated schema, useful when configuring GraphQL
    • ignoreRBAC: false tells postgraphile to respect the permissions of a restricted user
    • ownerConnectionString instructs postgraphile to use a higher-permissioned role to setup the watch fixtures.

Happy Easter 🐤 🌻

@m0ar m0ar mentioned this pull request Apr 18, 2019
Merged
@m0ar
Copy link
Contributor Author

m0ar commented Apr 18, 2019

I've removed some old dependencies in an additional commit now. Ask @AFDudley for context on this change if needed :)

ana0
ana0 reviewed Apr 18, 2019
View reviewed changes
postgraphile/README.md
for postgraphile introspection by adding env variables `GQ_USER` and `GQ_PASSWORD`.
* By doing `GRANT [SELECT | EXECUTE]` on tables/functions for this user,
you can selectively assign things you want available in GraphQL.
* You still need to pass in a superuser with `DATABASE_USER` & `DATABASE_PASSWORD` for
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo: 'for for'

@rmulhol rmulhol merged commit 2675ac0 into staging Apr 18, 2019
@rmulhol rmulhol deleted the improve-postgraphile-interaction branch April 18, 2019 14:51
i-norden pushed a commit that referenced this pull request Apr 18, 2019
@rmulhol
Merge pull request #84 from vulcanize/improve-postgraphile-interaction
13cd712 
Add support for restricted graphql users
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ana0 ana0 ana0 left review comments

@i-norden i-norden i-norden approved these changes

@rmulhol rmulhol rmulhol approved these changes

@elizabethengelman elizabethengelman Awaiting requested review from elizabethengelman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@m0ar @ana0 @rmulhol @i-norden