1. Advisor
  2. apollo-server-errors
  3. functions
  4. apollo-server-errors.ForbiddenError
View all apollo-server-errors analysis

How to use the apollo-server-errors.ForbiddenError function in apollo-server-errors

To help you get started, we’ve selected a few apollo-server-errors examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github vtex / node-vtex-api / src / service / worker / runtime / graphql / schema / schemaDirectives / Auth.ts View on Github external
async function auth (ctx: ServiceContext, authArgs: AuthDirectiveArgs): Promise {
  const vtexIdToken = ctx.cookies.get('VtexIdclientAutCookie') || ctx.get('VtexIdclientAutCookie')
  if (!vtexIdToken) {
    throw new ForbiddenError('VtexIdclientAutCookie not found.')
  }

  const userEmail = await getUserEmail(ctx.vtex.authToken, vtexIdToken)
  if (!userEmail) {
    throw new ForbiddenError('Could not find user specified by VtexIdclientAutCookie.')
  }

  const userCanAccessResource = await getUserCanAccessResource(ctx.vtex.authToken, ctx.vtex.account, userEmail, authArgs.productCode, authArgs.resourceCode)
  if (!userCanAccessResource) {
    throw new ForbiddenError('User indicated by VtexIdclientAutCookie is not authorized to access the indicated resource.')
  }
}
github vtex / node-vtex-api / src / service / worker / runtime / graphql / schema / schemaDirectives / Auth.ts View on Github external
async function auth (ctx: ServiceContext, authArgs: AuthDirectiveArgs): Promise {
  const vtexIdToken = ctx.cookies.get('VtexIdclientAutCookie') || ctx.get('VtexIdclientAutCookie')
  if (!vtexIdToken) {
    throw new ForbiddenError('VtexIdclientAutCookie not found.')
  }

  const userEmail = await getUserEmail(ctx.vtex.authToken, vtexIdToken)
  if (!userEmail) {
    throw new ForbiddenError('Could not find user specified by VtexIdclientAutCookie.')
  }

  const userCanAccessResource = await getUserCanAccessResource(ctx.vtex.authToken, ctx.vtex.account, userEmail, authArgs.productCode, authArgs.resourceCode)
  if (!userCanAccessResource) {
    throw new ForbiddenError('User indicated by VtexIdclientAutCookie is not authorized to access the indicated resource.')
  }
}
github vtex / node-vtex-api / src / service / worker / runtime / graphql / schema / schemaDirectives / Auth.ts View on Github external
async function auth (ctx: ServiceContext, authArgs: AuthDirectiveArgs): Promise {
  const vtexIdToken = ctx.cookies.get('VtexIdclientAutCookie') || ctx.get('VtexIdclientAutCookie')
  if (!vtexIdToken) {
    throw new ForbiddenError('VtexIdclientAutCookie not found.')
  }

  const userEmail = await getUserEmail(ctx.vtex.authToken, vtexIdToken)
  if (!userEmail) {
    throw new ForbiddenError('Could not find user specified by VtexIdclientAutCookie.')
  }

  const userCanAccessResource = await getUserCanAccessResource(ctx.vtex.authToken, ctx.vtex.account, userEmail, authArgs.productCode, authArgs.resourceCode)
  if (!userCanAccessResource) {
    throw new ForbiddenError('User indicated by VtexIdclientAutCookie is not authorized to access the indicated resource.')
  }
}
github mythal / boluo / server / src / events / events.resolver.ts View on Github external
async channelEvent(
    @Args({ name: 'channelId', type: () => ID }) channelId: string,
    @CurrentUser() user?: TokenUserInfo
  ) {
    const channel = throwApolloError(await this.channelService.findById(channelId));
    if (!channel.isPublic) {
      if (!user) {
        throw new ForbiddenError('You are not logged in');
      }
      const member = this.channelService.getRootMember(channel, user.id);
      if (!member) {
        this.logger.warn(`[Forbidden] A user (${user.id}) attempt to subscribe a channel that they does not joined.`);
        throw new ForbiddenError('You are not a member of this channel.');
      }
    }
    return pubSub.asyncIterator(await this.eventService.getTriggerId(channelId));
  }
}
github mythal / boluo / server / src / events / events.resolver.ts View on Github external
async channelEvent(
    @Args({ name: 'channelId', type: () => ID }) channelId: string,
    @CurrentUser() user?: TokenUserInfo
  ) {
    const channel = throwApolloError(await this.channelService.findById(channelId));
    if (!channel.isPublic) {
      if (!user) {
        throw new ForbiddenError('You are not logged in');
      }
      const member = this.channelService.getRootMember(channel, user.id);
      if (!member) {
        this.logger.warn(`[Forbidden] A user (${user.id}) attempt to subscribe a channel that they does not joined.`);
        throw new ForbiddenError('You are not a member of this channel.');
      }
    }
    return pubSub.asyncIterator(await this.eventService.getTriggerId(channelId));
  }
}

apollo-server-errors

GitHub
MIT
Latest version published 3 years ago

Package Health Score

72 / 100
Full package analysis

Popular apollo-server-errors functions

Similar packages