Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
async (parent, args, ctx, info) => {
return ctx.user.role === 'admin'
},
)
const isEditor = rule({ cache: 'contextual' })(
async (parent, args, ctx, info) => {
return ctx.user.role === 'editor'
},
)
// Permissions
const permissions = shield({
Query: {
frontPage: not(isAuthenticated),
fruits: and(isAuthenticated, or(isAdmin, isEditor)),
customers: and(isAuthenticated, isAdmin),
},
Mutation: {
addFruitToBasket: isAuthenticated,
},
Fruit: isAuthenticated,
Customer: isAdmin,
})
const server = GraphQLServer({
typeDefs,
resolvers,
middlewares: [permissions],
context: req => ({
...req,
import { isAuthenticated } from '@src/auth/auth.rules';
import { not } from 'graphql-shield';
const pingPermissions = {
Query: {
ping: not(isAuthenticated),
pingAuthenticated: isAuthenticated
}
};
export default pingPermissions;