Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

How to handle pagination #550

Closed
1 task done
HugoLiconV opened this issue Oct 24, 2019 · 5 comments
Closed
1 task done

How to handle pagination #550

HugoLiconV opened this issue Oct 24, 2019 · 5 comments
Labels
kind/question Developer asked a question. No code changes required.

Comments

@HugoLiconV
Copy link

Question about GraphQL Shield

I'm using Prisma and the way I'm handling pagination is this one:

getBranchOffices(where: BranchOfficeWhereInput, orderBy: BranchOfficeOrderByInput, skip: Int, after: String, before: String, first: Int, last: Int): BranchOfficePayload

type BranchOfficePayload {
  branchOffices: [BranchOffice]!
  count: Int!
}

type BranchOffice {
  id: Int!
  name: String!
  ...
}
async function getBranchOffices(parent, args, context, info) {
    const branchOffices = await context.prisma.branchOffices(args);
    const count = await context.prisma
      .branchOfficesConnection({ where: args.where })
      .aggregate()
      .count()
    return {
      branchOffices,
      count,
    }
}

And this is how I handle permissions:
There are branch offices that need to be shown to some users but be hidden for others. So what we do is create a permission for every branch e.g. BRANCH_1, BRANCH_2.

const canViewBranchOffice = rule({ cache: 'strict' })(async (parent, args, context, info) => {
  const branchId = parent.id
  const userPermissions = context.request.user;
  const hasPermission = userPermissions.find(({name}) => {
    return name.toLowerCase().includes(`branch_${branchId}`);
  })
  return !!hasPermission;
});

module.exports = {
  isAuthenticated,
  canViewBranchOffice
};

const permissions = shield(
  {
    Query: {
      '*': rules.isAuthenticated
    },
    Mutation: {
      '*': rules.isAuthenticated
    },
    BranchOffice: rules.canViewBranchOffice
  }
);

My main problem is that I don't know how to update count with the total number of branch offices the user has access to.

Also, this is my first time trying to implement authorization, at least in the way I described above, so I'm not sure if it is the correct approach, so I'm open to sugestions

  • I have checked other questions and found none that matches mine.
@open-collective-bot
Copy link

Hey @HugoLiconV 👋,

Thank you for opening an issue. We will get back to you as soon as we can. Also, check out our Open Collective and consider contributing financially.

https://opencollective.com/graphql-shield

PS.: We offer priority support for all financial contributors. Don't forget to add priority label once you start contributing 😄

@Silverutm
Copy link

Having similar problems, any update in the issue?

@redemtiom
Copy link

I was just looking for something similar, any solution?

@maticzav
Copy link
Owner

Hey @HugoLiconV 👋,

Thank you for posting the question and for being so patient with my response. Have you by chance thought of introducing a new relationship that would determine who has access to which branches? This way you could filter branches before paginating them.

Do you think that could work?

@maticzav maticzav added the kind/question Developer asked a question. No code changes required. label Nov 30, 2019
@maticzav maticzav pinned this issue Nov 30, 2019
@stale
Copy link

stale bot commented Jan 14, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

@stale stale bot added the stale label Jan 14, 2020
@stale stale bot closed this as completed Jan 24, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/question Developer asked a question. No code changes required.
Projects
None yet
Development

No branches or pull requests

4 participants