rmosolgo/can_can_graphql.rb

## can_can_graphql.rb
require "bundler/inline"

gemfile do
  gem "graphql", "2.3.4"
  gem "graphql-pro", "1.27.5"
  gem "cancancan", "3.5.0"
end

class Ability
  include CanCan::Ability

  def initialize(viewer)
    can :check_balance, User do |user|
      can_check_balance = user == viewer || viewer.superuser
      puts "Can check_balance? #{can_check_balance} (#{user == viewer}, #{viewer.superuser})"
      can_check_balance
    end
  end
end

User = Struct.new("User", :superuser, :account_balance)

class MySchema < GraphQL::Schema
  class BaseField < GraphQL::Schema::Field
    include GraphQL::Pro::CanCanIntegration::FieldIntegration
    can_can_action(nil) # default to no auth
  end

  class BaseObject < GraphQL::Schema::Object
    include GraphQL::Pro::CanCanIntegration::ObjectIntegration
    field_class(BaseField)
    can_can_action(nil) # default to no auth
  end

  class User < BaseObject
    field :account_balance, Int, can_can_action: :check_balance
  end

  class Query < BaseObject
    field :user, User

    def user
      ::User.new(false, 100)
    end

    field :current_user, User

    def current_user
      context[:current_user]
    end
  end

  query(Query)
end

query_str = "{ user { accountBalance } }"

pp MySchema.execute(query_str, context: { current_user: User.new(true, 0) }).to_h
# Can check_balance? true (false, true)
# {"data"=>{"user"=>{"accountBalance"=>100}}}

pp MySchema.execute(query_str, context: { current_user: User.new(false, 0) }).to_h
# Can check_balance? false (false, false)
# {"data"=>{"user"=>{"accountBalance"=>nil}}}

pp MySchema.execute("{ currentUser { accountBalance } }", context: { current_user: User.new(false, 55) }).to_h
# Can check_balance? true (true, false)
# {"data"=>{"currentUser"=>{"accountBalance"=>55}}}
	require "bundler/inline"

	gemfile do
	gem "graphql", "2.3.4"
	gem "graphql-pro", "1.27.5"
	gem "cancancan", "3.5.0"
	end

	class Ability
	include CanCan::Ability

	def initialize(viewer)
	can :check_balance, User do \|user\|
	can_check_balance = user == viewer \|\| viewer.superuser
	puts "Can check_balance? #{can_check_balance} (#{user == viewer}, #{viewer.superuser})"
	can_check_balance
	end
	end
	end

	User = Struct.new("User", :superuser, :account_balance)

	class MySchema < GraphQL::Schema
	class BaseField < GraphQL::Schema::Field
	include GraphQL::Pro::CanCanIntegration::FieldIntegration
	can_can_action(nil) # default to no auth
	end

	class BaseObject < GraphQL::Schema::Object
	include GraphQL::Pro::CanCanIntegration::ObjectIntegration
	field_class(BaseField)
	can_can_action(nil) # default to no auth
	end

	class User < BaseObject
	field :account_balance, Int, can_can_action: :check_balance
	end

	class Query < BaseObject
	field :user, User

	def user
	::User.new(false, 100)
	end

	field :current_user, User

	def current_user
	context[:current_user]
	end
	end

	query(Query)
	end

	query_str = "{ user { accountBalance } }"

	pp MySchema.execute(query_str, context: { current_user: User.new(true, 0) }).to_h
	# Can check_balance? true (false, true)
	# {"data"=>{"user"=>{"accountBalance"=>100}}}

	pp MySchema.execute(query_str, context: { current_user: User.new(false, 0) }).to_h
	# Can check_balance? false (false, false)
	# {"data"=>{"user"=>{"accountBalance"=>nil}}}

	pp MySchema.execute("{ currentUser { accountBalance } }", context: { current_user: User.new(false, 55) }).to_h
	# Can check_balance? true (true, false)
	# {"data"=>{"currentUser"=>{"accountBalance"=>55}}}