Module: GraphQR::Authorized

Defined in:

lib/graphqr/authorized.rb

Overview

This module is the authorization extension created with our PolicyProvider.

To use it add ‘extend GraphQR::Authorized` on the `GraphQL::Schema::Object` you want it, or add it on your `BaseObject`

Instance Method Summary

• #authorized?(object, context) ⇒ Boolean

  The ‘authorized? `method always runs before resolving an object.

Instance Method Details

#authorized?(object, context) ⇒ Boolean

The ‘authorized? `method always runs before resolving an object.

Our implementation adds a check on the ‘show?` method from the record Policy.

Returns:

• (Boolean)

# File 'lib/graphqr/authorized.rb', line 14

def authorized?(object, context)
  policy_provider = context[:policy_provider]

  super && policy_provider.allowed?(action: :show?, record: object)
end