Class: GraphQL::Guard

Inherits:

Object

Object
GraphQL::Guard

show all

Defined in:: lib/graphql/guard.rb,
lib/graphql/guard/version.rb

Constant Summary collapse

ANY_FIELD_NAME =

:'*'

DEFAULT_NOT_AUTHORIZED =

->(type, field) { raise NotAuthorizedError.new("Not authorized to access: #{type}.#{field}") }

NotAuthorizedError =

Class.new(StandardError)

VERSION =

"1.3.1"

Instance Attribute Summary collapse

#not_authorized ⇒ Object readonly

Returns the value of attribute not_authorized.
#policy_object ⇒ Object readonly

Returns the value of attribute policy_object.

Instance Method Summary collapse

#guard_proc(type, field) ⇒ Object
#initialize(policy_object: nil, not_authorized: DEFAULT_NOT_AUTHORIZED) ⇒ Guard constructor

A new instance of Guard.
#instrument(type, field) ⇒ Object
#use(schema_definition) ⇒ Object

Constructor Details

#initialize(policy_object: nil, not_authorized: DEFAULT_NOT_AUTHORIZED) ⇒ `Guard`

Returns a new instance of Guard.

# File 'lib/graphql/guard.rb', line 15

def initialize(policy_object: nil, not_authorized: DEFAULT_NOT_AUTHORIZED)
  @policy_object = policy_object
  @not_authorized = not_authorized
end

Instance Attribute Details

#not_authorized ⇒ `Object` (readonly)

Returns the value of attribute not_authorized.



13
14
15

# File 'lib/graphql/guard.rb', line 13

def not_authorized
  @not_authorized
end

#policy_object ⇒ `Object` (readonly)

Returns the value of attribute policy_object.



13
14
15

# File 'lib/graphql/guard.rb', line 13

def policy_object
  @policy_object
end

Instance Method Details

#guard_proc(type, field) ⇒ `Object`

# File 'lib/graphql/guard.rb', line 43

def guard_proc(type, field)
  inline_field_guard(field) ||
    policy_object_guard(type, field.name.to_sym) ||
    inline_type_guard(type) ||
    policy_object_guard(type, ANY_FIELD_NAME)
end

#instrument(type, field) ⇒ `Object`

# File 'lib/graphql/guard.rb', line 25

def instrument(type, field)
  guard_proc = guard_proc(type, field)
  return field unless guard_proc

  old_resolve_proc = field.resolve_proc
  new_resolve_proc = ->(object, arguments, context) do
    authorized = guard_proc.call(object, arguments, context)

    if authorized
      old_resolve_proc.call(object, arguments, context)
    else
      not_authorized.call(type, field.name.to_sym)
    end
  end

  field.redefine { resolve(new_resolve_proc) }
end

#use(schema_definition) ⇒ `Object`

# File 'lib/graphql/guard.rb', line 20

def use(schema_definition)
  schema_definition.instrument(:field, self)
  add_schema_masking!(schema_definition)
end

Class: GraphQL::Guard

Constant Summary collapse

Instance Attribute Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(policy_object: nil, not_authorized: DEFAULT_NOT_AUTHORIZED) ⇒ Guard

Instance Attribute Details

#not_authorized ⇒ Object (readonly)

#policy_object ⇒ Object (readonly)