npm
Sign UpSign In

graphql-acl

1.0.3 • Public • Published

GraphQL ACL

Specify allowed fields for roles. Create big scheme with all fields and allow only some fields to roles.

Installation:

Using npm:

$ npm i --save graphql-acl

Example:

ACL:

Configure object representing allowed fields.

const acl = {
  user: true,
  articles: {
    title: true,
    author: {
      name: true
    }
  }
}

Scheme:

{
  user: {
    name: String,
    surname: String,
    email: String
  },
  articles: {
    id: Number,
    title: String,
    perex: String,
    content: String,
    views: Number,
    author: {
      name: String,
      surname: String
    }
  }
}

Result:

Generated schema contains only allowed fields.

{
  user: {
    name: String,
    surname: String,
    email: String
  },
  articles: {
    title: String,
    author: {
      name: String
    }
  }
}

Implementation:

createGraphQLObjectType(props, fields) => function (acl)

Return function which expect acl as param and generate GraphQLObjectType.

props - {Object} - GraphQLObjectType properties

fields - {Object} - expect GQL object or function which returns GQL object

index.js
const { GraphQLSchema } = require('graphql')
 
const {ROLES, ACL} = require('./acl')
const createRoot = require('./root')
 
const userSchema = new GraphQLSchema({
  description: 'User graphQL',
  query: createRoot(ACL[ROLES.USER])
})
 
const adminSchema = new GraphQLSchema({
  description: 'Admin graphQL',
  query: createRoot(ACL[ROLES.ADMIN])
})
root.js
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')
 
const createUser = require('./user')
 
const user = acl => ({
  description: 'User object',
  type: createUser(acl)
})
 
const version = ({
  description: 'Version',
  type: GraphQLString
})
 
const createRoot = createGraphQLObjectType({
  name: 'Query'
}, {
  user,
  version
})
 
module.exports = createRoot
user.js
const { GraphQLString } = require('graphql')
const { createGraphQLObjectType } = require('graphql-acl')
 
const name = ({
  description: 'Name',
  type: GraphQLString
})
 
const surname = ({
  description: 'Surname',
  type: GraphQLString
})
 
const createUser = createGraphQLObjectType({
  name: 'User'
}, {
  name,
  surname
})
 
module.exports = createUser
acl.js
const ROLES = {
  USER: 'USER',
  ADMIN: 'ADMIN'
}
 
const userAcl = {
  user: {
    name: true
  }
}
 
const ACL = {
  [ROLES.USER]: userAcl,
  [ROLES.ADMIN]: true // Allow everything
}
 
module.exports = {
  ROLES,
  ACL
}

Readme

Keywords

Package Sidebar

Install

npm i graphql-acl

Repository

github.com/jakubchadim/graphql-acl

Homepage

github.com/jakubchadim/graphql-acl#readme

Weekly Downloads

8

Version

1.0.3

License

MIT

Last publish

Collaborators

  • jakubchadim
Try on RunKit
Report malware