Skip to content
This repository has been archived by the owner on Aug 31, 2021. It is now read-only.

Add support for restricted graphql users #84

Merged
merged 4 commits into from
Apr 18, 2019
Merged

Add support for restricted graphql users #84

merged 4 commits into from
Apr 18, 2019

Conversation

m0ar
Copy link
Contributor

@m0ar m0ar commented Apr 18, 2019

This PR:

  • Adds functionality to supply an access-restricted user for postgraphile introspection, limiting the data available in GraphQL. This is what can be set with GQ_USER & GQ_PASSWORD.
  • Bumps the version of postgraphile
  • Add env variable use of @ana0's schema selection stuff
  • Some general improvements of the postgraphile configuration:
    • pg-simplify-inflector plugin for less crazy name inference
    • disableDefaultMutations does what it says on the tin
    • exportGqlSchemaPath dumps the generated schema, useful when configuring GraphQL
    • ignoreRBAC: false tells postgraphile to respect the permissions of a restricted user
    • ownerConnectionString instructs postgraphile to use a higher-permissioned role to setup the watch fixtures.

Happy Easter 馃悿 馃尰

@m0ar m0ar mentioned this pull request Apr 18, 2019
Merged
@m0ar
Copy link
Contributor Author

m0ar commented Apr 18, 2019

I've removed some old dependencies in an additional commit now. Ask @AFDudley for context on this change if needed :)

ana0
ana0 reviewed Apr 18, 2019
View reviewed changes
postgraphile/README.md
for postgraphile introspection by adding env variables `GQ_USER` and `GQ_PASSWORD`.
* By doing `GRANT [SELECT | EXECUTE]` on tables/functions for this user,
you can selectively assign things you want available in GraphQL.
* You still need to pass in a superuser with `DATABASE_USER` & `DATABASE_PASSWORD` for
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Typo: 'for for'

@rmulhol rmulhol merged commit 2675ac0 into staging Apr 18, 2019
@rmulhol rmulhol deleted the improve-postgraphile-interaction branch April 18, 2019 14:51
i-norden pushed a commit that referenced this pull request Apr 18, 2019
@rmulhol
Merge pull request #84 from vulcanize/improve-postgraphile-interaction
13cd712 
Add support for restricted graphql users
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@ana0 ana0 ana0 left review comments

@rmulhol rmulhol rmulhol approved these changes

@i-norden i-norden i-norden approved these changes

@elizabethengelman elizabethengelman Awaiting requested review from elizabethengelman

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@m0ar @ana0 @rmulhol @i-norden