Last active
April 20, 2020 10:08
-
-
Save darahayes/072627f41706731eb1809692b6aab1d6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| input CreateNoteInput { | |
| id: ID | |
| content: String! | |
| _version: Int | |
| } | |
| input CreateTaskInput { | |
| id: ID | |
| title: String! | |
| description: String | |
| status: String | |
| _version: Int | |
| } | |
| input DeleteNoteInput { | |
| id: ID | |
| _version: Int | |
| } | |
| input DeleteTaskInput { | |
| id: ID | |
| _version: Int | |
| } | |
| enum ModelAttributeTypes { | |
| binary | |
| binarySet | |
| bool | |
| list | |
| map | |
| number | |
| numberSet | |
| string | |
| stringSet | |
| _null | |
| } | |
| input ModelBooleanInput { | |
| ne: Boolean | |
| eq: Boolean | |
| attributeExists: Boolean | |
| attributeType: ModelAttributeTypes | |
| } | |
| input ModelFloatInput { | |
| ne: Float | |
| eq: Float | |
| le: Float | |
| lt: Float | |
| ge: Float | |
| gt: Float | |
| between: [Float] | |
| attributeExists: Boolean | |
| attributeType: ModelAttributeTypes | |
| } | |
| input ModelIDInput { | |
| ne: ID | |
| eq: ID | |
| le: ID | |
| lt: ID | |
| ge: ID | |
| gt: ID | |
| contains: ID | |
| notContains: ID | |
| between: [ID] | |
| beginsWith: ID | |
| attributeExists: Boolean | |
| attributeType: ModelAttributeTypes | |
| size: ModelSizeInput | |
| } | |
| input ModelIntInput { | |
| ne: Int | |
| eq: Int | |
| le: Int | |
| lt: Int | |
| ge: Int | |
| gt: Int | |
| between: [Int] | |
| attributeExists: Boolean | |
| attributeType: ModelAttributeTypes | |
| } | |
| input ModelNoteConditionInput { | |
| content: ModelStringInput | |
| and: [ModelNoteConditionInput] | |
| or: [ModelNoteConditionInput] | |
| not: ModelNoteConditionInput | |
| } | |
| type ModelNoteConnection { | |
| items: [Note] | |
| nextToken: String | |
| startedAt: AWSTimestamp | |
| } | |
| input ModelNoteFilterInput { | |
| id: ModelIDInput | |
| content: ModelStringInput | |
| and: [ModelNoteFilterInput] | |
| or: [ModelNoteFilterInput] | |
| not: ModelNoteFilterInput | |
| } | |
| input ModelSizeInput { | |
| ne: Int | |
| eq: Int | |
| le: Int | |
| lt: Int | |
| ge: Int | |
| gt: Int | |
| between: [Int] | |
| } | |
| enum ModelSortDirection { | |
| ASC | |
| DESC | |
| } | |
| input ModelStringInput { | |
| ne: String | |
| eq: String | |
| le: String | |
| lt: String | |
| ge: String | |
| gt: String | |
| contains: String | |
| notContains: String | |
| between: [String] | |
| beginsWith: String | |
| attributeExists: Boolean | |
| attributeType: ModelAttributeTypes | |
| size: ModelSizeInput | |
| } | |
| input ModelTaskConditionInput { | |
| title: ModelStringInput | |
| description: ModelStringInput | |
| status: ModelStringInput | |
| and: [ModelTaskConditionInput] | |
| or: [ModelTaskConditionInput] | |
| not: ModelTaskConditionInput | |
| } | |
| type ModelTaskConnection { | |
| items: [Task] | |
| nextToken: String | |
| startedAt: AWSTimestamp | |
| } | |
| input ModelTaskFilterInput { | |
| id: ModelIDInput | |
| title: ModelStringInput | |
| description: ModelStringInput | |
| status: ModelStringInput | |
| and: [ModelTaskFilterInput] | |
| or: [ModelTaskFilterInput] | |
| not: ModelTaskFilterInput | |
| } | |
| type Mutation { | |
| createTask(input: CreateTaskInput!, condition: ModelTaskConditionInput): Task | |
| updateTask(input: UpdateTaskInput!, condition: ModelTaskConditionInput): Task | |
| deleteTask(input: DeleteTaskInput!, condition: ModelTaskConditionInput): Task | |
| createNote(input: CreateNoteInput!, condition: ModelNoteConditionInput): Note | |
| updateNote(input: UpdateNoteInput!, condition: ModelNoteConditionInput): Note | |
| deleteNote(input: DeleteNoteInput!, condition: ModelNoteConditionInput): Note | |
| } | |
| type Note { | |
| id: ID! | |
| content: String! | |
| _version: Int! | |
| _deleted: Boolean | |
| _lastChangedAt: AWSTimestamp! | |
| owner: String | |
| } | |
| type Query { | |
| syncTasks( | |
| filter: ModelTaskFilterInput, | |
| limit: Int, | |
| nextToken: String, | |
| lastSync: AWSTimestamp | |
| ): ModelTaskConnection | |
| getTask(id: ID!): Task | |
| listTasks(filter: ModelTaskFilterInput, limit: Int, nextToken: String): ModelTaskConnection | |
| syncNotes( | |
| filter: ModelNoteFilterInput, | |
| limit: Int, | |
| nextToken: String, | |
| lastSync: AWSTimestamp | |
| ): ModelNoteConnection | |
| getNote(id: ID!): Note | |
| listNotes(filter: ModelNoteFilterInput, limit: Int, nextToken: String): ModelNoteConnection | |
| } | |
| type Subscription { | |
| onCreateTask: Task | |
| @aws_subscribe(mutations: ["createTask"]) | |
| onUpdateTask: Task | |
| @aws_subscribe(mutations: ["updateTask"]) | |
| onDeleteTask: Task | |
| @aws_subscribe(mutations: ["deleteTask"]) | |
| onCreateNote(owner: String): Note | |
| @aws_subscribe(mutations: ["createNote"]) | |
| onUpdateNote(owner: String): Note | |
| @aws_subscribe(mutations: ["updateNote"]) | |
| onDeleteNote(owner: String): Note | |
| @aws_subscribe(mutations: ["deleteNote"]) | |
| } | |
| type Task { | |
| id: ID! | |
| title: String! | |
| description: String | |
| status: String | |
| _version: Int! | |
| _deleted: Boolean | |
| _lastChangedAt: AWSTimestamp! | |
| } | |
| input UpdateNoteInput { | |
| id: ID! | |
| content: String | |
| _version: Int | |
| } | |
| input UpdateTaskInput { | |
| id: ID! | |
| title: String | |
| description: String | |
| status: String | |
| _version: Int | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #set( $limit = $util.defaultIfNull($context.args.limit, 10) ) | |
| #set( $ListRequest = { | |
| "version": "2018-05-29", | |
| "limit": $limit | |
| } ) | |
| #if( $context.args.nextToken ) | |
| #set( $ListRequest.nextToken = $context.args.nextToken ) | |
| #end | |
| #if( $context.args.filter ) | |
| #set( $ListRequest.filter = $util.parseJson("$util.transform.toDynamoDBFilterExpression($ctx.args.filter)") ) | |
| #end | |
| #if( !$util.isNull($modelQueryExpression) | |
| && !$util.isNullOrEmpty($modelQueryExpression.expression) ) | |
| $util.qr($ListRequest.put("operation", "Query")) | |
| $util.qr($ListRequest.put("query", $modelQueryExpression)) | |
| #if( !$util.isNull($ctx.args.sortDirection) && $ctx.args.sortDirection == "DESC" ) | |
| #set( $ListRequest.scanIndexForward = false ) | |
| #else | |
| #set( $ListRequest.scanIndexForward = true ) | |
| #end | |
| #else | |
| $util.qr($ListRequest.put("operation", "Scan")) | |
| #end | |
| $util.toJson($ListRequest) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## [Start] Determine request authentication mode ** | |
| #if( $util.isNullOrEmpty($authMode) && !$util.isNull($ctx.identity) && !$util.isNull($ctx.identity.sub) && !$util.isNull($ctx.identity.issuer) && !$util.isNull($ctx.identity.username) && !$util.isNull($ctx.identity.claims) && !$util.isNull($ctx.identity.sourceIp) && !$util.isNull($ctx.identity.defaultAuthStrategy) ) | |
| #set( $authMode = "userPools" ) | |
| #end | |
| ## [End] Determine request authentication mode ** | |
| ## [Start] Check authMode and execute owner/group checks ** | |
| #if( $authMode == "userPools" ) | |
| ## [Start] Static Group Authorization Checks ** | |
| #set($isStaticGroupAuthorized = $util.defaultIfNull( | |
| $isStaticGroupAuthorized, false)) | |
| ## Authorization rule: { allow: groups, groups: ["Admin"], groupClaim: "cognito:groups" } ** | |
| #set( $userGroups = $util.defaultIfNull($ctx.identity.claims.get("cognito:groups"), []) ) | |
| #set( $allowedGroups = ["Admin"] ) | |
| #foreach( $userGroup in $userGroups ) | |
| #if( $allowedGroups.contains($userGroup) ) | |
| #set( $isStaticGroupAuthorized = true ) | |
| #break | |
| #end | |
| #end | |
| ## [End] Static Group Authorization Checks ** | |
| ## [Start] If not static group authorized, filter items ** | |
| #if( !$isStaticGroupAuthorized ) | |
| #set( $items = [] ) | |
| #foreach( $item in $ctx.result.items ) | |
| ## No Dynamic Group Authorization Rules ** | |
| ## [Start] Owner Authorization Checks ** | |
| #set( $isLocalOwnerAuthorized = false ) | |
| ## Authorization rule: { allow: owner, ownerField: "owner", identityClaim: "cognito:username" } ** | |
| #set( $allowedOwners0 = $item.owner ) | |
| #set( $identityValue = $util.defaultIfNull($ctx.identity.claims.get("username"), $util.defaultIfNull($ctx.identity.claims.get("cognito:username"), "___xamznone____")) ) | |
| #if( $util.isList($allowedOwners0) ) | |
| #foreach( $allowedOwner in $allowedOwners0 ) | |
| #if( $allowedOwner == $identityValue ) | |
| #set( $isLocalOwnerAuthorized = true ) | |
| #end | |
| #end | |
| #end | |
| #if( $util.isString($allowedOwners0) ) | |
| #if( $allowedOwners0 == $identityValue ) | |
| #set( $isLocalOwnerAuthorized = true ) | |
| #end | |
| #end | |
| ## [End] Owner Authorization Checks ** | |
| #if( ($isLocalDynamicGroupAuthorized == true || $isLocalOwnerAuthorized == true) ) | |
| $util.qr($items.add($item)) | |
| #end | |
| #end | |
| #set( $ctx.result.items = $items ) | |
| #end | |
| ## [End] If not static group authorized, filter items ** | |
| #end | |
| ## [End] Check authMode and execute owner/group checks ** | |
| #if( $ctx.error ) | |
| $util.error($ctx.error.message, $ctx.error.type, $ctx.result) | |
| #else | |
| $util.toJson($ctx.result) | |
| #end |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment