-
Notifications
You must be signed in to change notification settings - Fork 6
/
GraphQLGrant.ts
113 lines (110 loc) · 2.9 KB
/
GraphQLGrant.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
import {
GraphQLID,
GraphQLList,
GraphQLNonNull,
GraphQLString,
GraphQLBoolean,
GraphQLObjectType
} from "graphql";
import {
connectionFromArray,
connectionArgs,
ConnectionArguments
} from "graphql-relay";
import { Grant, Client, User } from "../model";
import { Context } from "../Context";
import { GraphQLClient } from "./GraphQLClient";
import { GraphQLUser } from "./GraphQLUser";
import { GraphQLAuthorizationConnection } from "./GraphQLAuthorizationConnection";
import { filter } from "../util/filter";
export const GraphQLGrant: GraphQLObjectType<
Grant,
Context
> = new GraphQLObjectType<Grant, Context>({
name: "Grant",
interfaces: () => [],
fields: () => ({
id: { type: new GraphQLNonNull(GraphQLID) },
enabled: {
type: new GraphQLNonNull(GraphQLBoolean)
},
user: {
type: GraphQLUser,
async resolve(
grant,
args,
{ realm, authorization: a, tx }: Context
): Promise<null | User> {
if (!a) return null;
const user = await grant.user(tx);
return user.isAccessibleBy(realm, a, tx) ? user : null;
}
},
client: {
type: GraphQLClient,
async resolve(
grant,
args,
{ realm, authorization: a, tx }: Context
): Promise<null | Client> {
if (!a) return null;
const client = await grant.client(tx);
return client.isAccessibleBy(realm, a, tx) ? client : null;
}
},
secrets: {
type: new GraphQLList(GraphQLString),
async resolve(
grant,
args,
{ realm, authorization: a, tx }: Context
): Promise<null | string[]> {
return a && (await grant.isAccessibleBy(realm, a, tx, "read.secrets"))
? [...grant.secrets]
: null;
}
},
codes: {
type: new GraphQLList(GraphQLString),
async resolve(
grant,
args,
{ realm, authorization: a, tx }: Context
): Promise<null | string[]> {
return a && (await grant.isAccessibleBy(realm, a, tx, "read.secrets"))
? [...grant.codes]
: null;
}
},
scopes: {
type: new GraphQLList(GraphQLString),
async resolve(
grant,
args,
{ realm, authorization: q, tx }: Context
): Promise<null | string[]> {
return q && (await grant.isAccessibleBy(realm, q, tx, "read.scopes"))
? grant.scopes
: null;
}
},
authorizations: {
type: GraphQLAuthorizationConnection,
args: connectionArgs,
async resolve(
grant,
args: ConnectionArguments,
{ realm, authorization: a, tx }: Context
) {
return a
? connectionFromArray(
await filter(await grant.authorizations(tx), authorization =>
authorization.isAccessibleBy(realm, a, tx)
),
args
)
: null;
}
}
})
});