crucialfelix/graphql_auth.py

## graphql_auth.py
from decorator import decorator

def _check_auth(args, pred):
    _, _, context, _ = args
    if not pred(context):
        raise Exception("Unauthorized")


@decorator
def is_user(fn, *args, **kwargs):
    _check_auth(args, lambda context: not context.user.is_anonymous())
    return fn(*args, **kwargs)


@decorator
def is_staff(fn, *args, **kwargs):
    _check_auth(args, lambda context: context.user.is_staff)
    return fn(*args, **kwargs)


## schema.py
from graphql_auth import is_staff
# etc

class CreateClientNote(graphene.relay.ClientIDMutation):

    class Input:
        client_id = graphene.ID(required=True)
        body = graphene.String(required=True)

    client_note = graphene.Field(ClientNote)

    @classmethod
    @is_staff
    def mutate_and_get_payload(cls, input, context, info):
        client = get_model(input.get('client_id'), context, info)
        model = models.ClientNote.objects.create(
            created_by_agent=context.agent, body=input.get('body'), client=client)
        return cls(client_note=model)
	from decorator import decorator

	def _check_auth(args, pred):
	_, _, context, _ = args
	if not pred(context):
	raise Exception("Unauthorized")


	@decorator
	def is_user(fn, args, *kwargs):
	_check_auth(args, lambda context: not context.user.is_anonymous())
	return fn(args, *kwargs)


	@decorator
	def is_staff(fn, args, *kwargs):
	_check_auth(args, lambda context: context.user.is_staff)
	return fn(args, *kwargs)
	from graphql_auth import is_staff
	# etc

	class CreateClientNote(graphene.relay.ClientIDMutation):

	class Input:
	client_id = graphene.ID(required=True)
	body = graphene.String(required=True)

	client_note = graphene.Field(ClientNote)

	@classmethod
	@is_staff
	def mutate_and_get_payload(cls, input, context, info):
	client = get_model(input.get('client_id'), context, info)
	model = models.ClientNote.objects.create(
	created_by_agent=context.agent, body=input.get('body'), client=client)
	return cls(client_note=model)