ZempTime/directives.ts

## directives.ts
import { SchemaDirectiveVisitor } from "apollo-server-koa";
import { GraphQLField, defaultFieldResolver } from "graphql";

class IsAuthenticatedDirective extends SchemaDirectiveVisitor {
  visitFieldDefinition(field: GraphQLField<any, any>) {
    const { resolve = defaultFieldResolver } = field;
    field.resolve = async function(...args) {
      const ctx = args[2];
      if (!ctx.state.user.id) {
        throw new Error("You must be signed in to do this.");
      }
      return resolve.apply(this, args);
    };
  }
}

class HasOperationsDirective extends SchemaDirectiveVisitor {
  visitFieldDefinition(field: GraphQLField<any, any>) {
    const { resolve = defaultFieldResolver } = field;
    const { requires } = this.args;

    field.resolve = async function(...args) {
      const ctx = args[2];

      const actualOperations = ctx.state.user.permissions || [];
      const requiredOperations = requires;

      const hasPermission = requiredOperations.some((operation: any) => {
        return actualOperations.includes(operation);
      });

      if (!hasPermission) {
        throw new Error(
          `You don't have permission to do this. Yours: ${actualOperations}. Required: ${requiredOperations}`
        );
      }

      return resolve.apply(this, args);
    };
  }
}

class IsUnauthenticatedDirective extends SchemaDirectiveVisitor {
  visitFieldDefinition(field: GraphQLField<any, any>) {
    const { resolve = defaultFieldResolver } = field;
    field.resolve = async function(...args) {
      const ctx = args[2];
      if (ctx.state.user.id) {
        throw new Error("You must can't be signed in to do this.");
      }
      return resolve.apply(this, args);
    };
  }
}

export {
  IsAuthenticatedDirective,
  HasPermissionDirective,
  IsUnauthenticatedDirective
};
	import { SchemaDirectiveVisitor } from "apollo-server-koa";
	import { GraphQLField, defaultFieldResolver } from "graphql";

	class IsAuthenticatedDirective extends SchemaDirectiveVisitor {
	visitFieldDefinition(field: GraphQLField<any, any>) {
	const { resolve = defaultFieldResolver } = field;
	field.resolve = async function(...args) {
	const ctx = args[2];
	if (!ctx.state.user.id) {
	throw new Error("You must be signed in to do this.");
	}
	return resolve.apply(this, args);
	};
	}
	}

	class HasOperationsDirective extends SchemaDirectiveVisitor {
	visitFieldDefinition(field: GraphQLField<any, any>) {
	const { resolve = defaultFieldResolver } = field;
	const { requires } = this.args;

	field.resolve = async function(...args) {
	const ctx = args[2];

	const actualOperations = ctx.state.user.permissions \|\| [];
	const requiredOperations = requires;

	const hasPermission = requiredOperations.some((operation: any) => {
	return actualOperations.includes(operation);
	});

	if (!hasPermission) {
	throw new Error(
	`You don't have permission to do this. Yours: ${actualOperations}. Required: ${requiredOperations}`
	);
	}

	return resolve.apply(this, args);
	};
	}
	}

	class IsUnauthenticatedDirective extends SchemaDirectiveVisitor {
	visitFieldDefinition(field: GraphQLField<any, any>) {
	const { resolve = defaultFieldResolver } = field;
	field.resolve = async function(...args) {
	const ctx = args[2];
	if (ctx.state.user.id) {
	throw new Error("You must can't be signed in to do this.");
	}
	return resolve.apply(this, args);
	};
	}
	}

	export {
	IsAuthenticatedDirective,
	HasPermissionDirective,
	IsUnauthenticatedDirective
	};