Created
September 8, 2017 07:39
Graphql permissions
import _ from 'lodash'; | |
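/**
 * Makes a resolver chainable so that guards can be stacked in front of it.
 *
 * The function passed in is returned unchanged except that a
 * `createResolver(childResolver)` method is attached to it. Calling that
 * method yields a new chainable resolver which first awaits this resolver
 * and then calls `childResolver` with the same arguments.
 *
 * A guard denies access by throwing (or returning a rejected promise). Its
 * return value is discarded, so a guard that merely returns `false` does NOT
 * stop the child from running.
 *
 * @param {Function} resolver - Called as (parent, args, context, info).
 * @returns {Function} The same `resolver`, now carrying `createResolver`.
 */
const createResolver = (resolver) => {
  const baseResolver = resolver;
  baseResolver.createResolver = (childResolver) => {
    // Forward `info` (the fourth resolver argument) as well, so guards and
    // children further down the chain see every argument the outermost
    // resolver was called with.
    const newResolver = async (parent, args, context, info) => {
      // Awaiting here is what makes an async guard effective: a rejection
      // propagates before the child is ever invoked.
      await resolver(parent, args, context, info);
      return childResolver(parent, args, context, info);
    };
    return createResolver(newResolver);
  };
  return baseResolver;
};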
/**
 * Guard: rejects the request unless the context carries an identified user.
 *
 * Throws 'Not authenticated' when `context.user` is missing or when
 * `context.user.id` is falsy (so an id of 0 or '' also counts as
 * unauthenticated). Returns nothing on success.
 */
export const requiresAuth = createResolver((parent, args, context) => {
  const currentUser = context.user;
  const hasIdentity = Boolean(currentUser) && Boolean(currentUser.id);
  if (hasIdentity) {
    return;
  }
  throw new Error('Not authenticated');
});
/**
 * Guard: requires an authenticated user whose `isAdmin` flag is truthy.
 *
 * Chained behind `requiresAuth`, so `context.user` has already been checked
 * by the time this runs. Throws 'Requires admin access' otherwise.
 */
export const requiresAdmin = requiresAuth.createResolver((parent, args, context) => {
  const { isAdmin } = context.user;
  if (isAdmin) {
    return;
  }
  throw new Error('Requires admin access');
});
/**
 * Guard: requires `args.userId` to be the authenticated user's own id.
 *
 * Chained behind `requiresAuth`. The comparison is strict, so a string
 * `args.userId` never matches a numeric `context.user.id` (the request is
 * denied in that case). The error text mentions deletion, although the check
 * itself is not specific to delete operations.
 */
export const ensuresSameUser = requiresAuth.createResolver((parent, args, context) => {
  if (args.userId !== context.user.id) {
    throw new Error("Cannot delete other user's resources");
  }
});