Skip to content

Latest commit

 

History

History
267 lines (218 loc) · 3.17 KB

DEMO.md

File metadata and controls

267 lines (218 loc) · 3.17 KB

GraphQL Sword

Demo and examples

This is an exhaustive list of permission for the model User and the result expected.


Read

// Permission
{
  operation: 'User.Read',
}

// Rule apply on
Query.user() { ... }
// Permission
{
  operation: 'User.Read',
  alias: 'me',
}

// Rule apply on
Query.me() { ... }
// Permission
{
  operation: 'User.Read',
  fields: ['email'],
}

// Rule apply on
Query.user() { email }
// Permission
{
  operation: 'User.Read',
  alias: 'me',
  fields: ['email'],
}

// Rule apply on
Query.me() { email }

Browse

// Permission
{
  operation: 'User.Browse',
}

// Rule apply on
Query.users() { ... }
// Permission
{
  operation: 'User.Browse',
  alias: 'allUsers',
}

// Rule apply on
Query.allUsers() { ... }
// Permission
{
  operation: 'User.Browse',
  fields: ['email'],
}

// Rule apply on
Query.users() { email }
// Permission
{
  operation: 'User.Browse',
  alias: 'allUsers',
  fields: ['email'],
}

// Rule apply on
Query.allUsers() { email }

Add

// Permission
{
  operation: 'User.Add',
}

// Rule apply on
Query.addUser() { ... }
// Permission
{
  operation: 'User.Add',
  alias: 'signup',
}

// Rule apply on
Query.signup() { ... }
// Permission
{
  operation: 'User.Add',
  fields: ['email'],
}

// Rule apply on
Query.addUser(data: { email }) { ... }
// Permission
{
  operation: 'User.Add',
  alias: 'signup',
  fields: ['email'],
}

// Rule apply on
Query.signup(data: { email }) { ... }

Edit

// Permission
{
  operation: 'User.Edit',
}

// Rule apply on
Query.editUser(data: { ... }, where: { ... }) { ... }
// Permission
{
  operation: 'User.Edit',
  alias: 'editCurrentUser',
}

// Rule apply on
Query.editCurrentUser(data: { ... }, where: { ... }) { ... }
// Permission
{
  operation: 'User.Edit',
  fields: ['email'],
}

// Rule apply on
Query.editUser(data: { email, ... }, where: { ... }) { ... }
// Permission
{
  operation: 'User.Edit',
  alias: 'editCurrentUser',
  fields: ['email'],
}

// Rule apply on
Query.editCurrentUser(data: { email, ... }, where: { ... }) { ... }

Delete

// Permission
{
  operation: 'User.Delete',
}

// Rule apply on
Query.deleteUser(where: { ... }) { ... }
// Permission
{
  operation: 'User.Delete',
  alias: 'removeUser',
}

// Rule apply on
Query.removeUser(where: { ... }) { ... }
// Permission
{
  operation: 'User.Delete',
  fields: ['email'],
}

// Throw an Error because you can't apply the option `email` to the `Delete` action
// Permission
{
  operation: 'User.Delete',
  alias: 'removeUser',
  fields: ['email'],
}

// Throw an Error because you can't apply the option `email` to the `Delete` action

Model (will be available with the V2)

// Permission
{
  operation: 'User.*',
}

// Rule apply on
User { ... }
// Permission
{
  operation: 'User.*',
  fields: ['email'],
}

// Rule apply on
User { email }
// Permission
{
  operation: 'User.*',
  alias: 'removeUser',
}

// Throw an Error because you can't apply the option `alias` to the `*` action