module GraphqlAuthorize::FieldResolveStep

Public Instance Methods

call(_parent_type, parent_object, field_definition, field_args, context, _next = nil) click to toggle source

rubocop:disable Metrics/ParameterLists

Calls superclass method
# File lib/graphql_authorize/ext/field_resolve_step.rb, line 6
def call(_parent_type, parent_object, field_definition, field_args, context, _next = nil)
  if authorized?(field_definition, parent_object, field_args, context)
    super
  else
    GraphQL::ExecutionError.new(
      I18n.t("graphql_authorize.graphql.accessdenied", name: field_definition.name)
    )
  end
end

Private Instance Methods

auth_adapter() click to toggle source
# File lib/graphql_authorize/ext/field_resolve_step.rb, line 31
def auth_adapter
  GraphqlAuthorize.config.auth_adapter
end
authorized?(field_definition, object, args, context) click to toggle source

rubocop:enable Metrics/ParameterLists

# File lib/graphql_authorize/ext/field_resolve_step.rb, line 19
def authorized?(field_definition, object, args, context)
  return true if field_definition.authorize.nil?

  if field_definition.authorize.is_a?(Proc)
    return field_definition.authorize.call(object, args, context)
  end

  return false if auth_adapter.nil?

  auth_adapter.new(field_definition, context).authorize
end