Class: Osso::GraphQL::Types::BaseObject

Inherits:

GraphQL::Schema::Object

Object
GraphQL::Schema::Object
Osso::GraphQL::Types::BaseObject

show all

Defined in:: lib/osso/graphql/types/base_object.rb

Direct Known Subclasses

AdminUser, AppConfig, EnterpriseAccount, Error, IdentityProvider, MutationType, OauthClient, RedirectUri

Class Method Summary collapse

Class Method Details

.admin_authorized?(context) ⇒ `Boolean`

Returns:

(Boolean)



14
15
16

# File 'lib/osso/graphql/types/base_object.rb', line 14

def self.admin_authorized?(context)
  context[:scope] == 'admin'
end

.authorized?(object, context) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/osso/graphql/types/base_object.rb', line 28

def self.authorized?(object, context)
  # we first receive the payload object as a hash, but can depend on the
  # return type to hide the actual objects non-admins shouldn't see
  return true if object.instance_of?(Hash)

  internal_authorized?(context) || enterprise_authorized?(context, object&.domain)
end

.enterprise_authorized?(context, domain) ⇒ `Boolean`

Returns:

(Boolean)

# File 'lib/osso/graphql/types/base_object.rb', line 22

def self.enterprise_authorized?(context, domain)
  return false unless domain

  context[:email].split('@')[1] == domain
end

.internal_authorized?(context) ⇒ `Boolean`

Returns:

(Boolean)



18
19
20

# File 'lib/osso/graphql/types/base_object.rb', line 18

def self.internal_authorized?(context)
  %w[admin internal].include?(context[:scope])
end

Class: Osso::GraphQL::Types::BaseObject

Direct Known Subclasses

Class Method Summary collapse

Class Method Details

.admin_authorized?(context) ⇒ Boolean

.authorized?(object, context) ⇒ Boolean

.enterprise_authorized?(context, domain) ⇒ Boolean

.internal_authorized?(context) ⇒ Boolean

.admin_authorized?(context) ⇒ `Boolean`

.authorized?(object, context) ⇒ `Boolean`

.enterprise_authorized?(context, domain) ⇒ `Boolean`

.internal_authorized?(context) ⇒ `Boolean`