postgraphile

graphql-shield as 'makeProcessSchemaPlugin' in Postgraphile

Tried postgrphile example but not sure where mistake were done?

I am trying to implement graphql-shield as a plugin

    middlewarePlugin = makeProcessSchemaPlugin((schema: typeof GraphQLSchema) => {
        return applyMiddleware(schema, permissions);
    });

permission.ts

const { rule, shield } = require("graphql-shield");

const isAuthenticated = rule()((parent: any, args: any,  user: any ) => {
    return user !== null;
});

const permissions = shield({
    Query: {
        viewer: isAuthenticated
    }
});

export = permissions;

I import middlewarePlugin as others plugins in postgraphile:

  appendPlugins: [
            myClass.myPlugin,
            myClass.jsonPlace,
            myClass.middlewarePlugin
        ],

crash log:

| A serious error occurred when building the initial schema. Exiting because retryOnInitFail is not set. Error details: graphql | graphql | TypeError: Cannot read property 'fragment' of undefined graphql | at isMiddlewareWithFragment (/home/node/app/node_modules/graphql-middleware/src/utils.ts:25:17) graphql | at Object.isMiddlewareFunction (/home/node/app/node_modules/graphql-middleware/src/utils.ts:33:10) graphql | at Object.validateMiddleware (/home/node/app/node_modules/graphql-middleware/src/validation.ts:9:7) graphql | at addMiddlewareToSchema (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:33:27) graphql | at normalisedMiddlewares.reduceRight.schema.schema (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:91:11) graphql | at Array.reduceRight () graphql | at applyMiddlewareWithOptions (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:80:77) graphql | at applyMiddleware (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:132:10) graphql | at hook (/home/node/app/resolvers/test.resolver.ts:254:16) graphql | at SchemaBuilder.applyHooks (/home/node/app/node_modules/graphile-build/src/SchemaBuilder.js:398:20)

Solution

  • The type of middleware postgraphile expects is a little different from graphql-middleware. Instead of downloading graphql-middleware and graphql-shield and trying to get them to work with postgraphile, I ended up writing my own "shield" with makeWrapResolversPlugin. Example:

    const filter = (ctx) => {
  // Only attempting to do auth for non-root things, because
  // with postgraphile, all the data gets fetched at the root
  if (ctx.scope.isRootMutation || ctx.scope.isRootQuery) {
    // return this to make it available to the wrapper function
    return ctx.scope.fieldName
  }
  // return null to not wrap this non-root resolver
  return null
}

const wrapper = (fieldName) => 
  async (resolve, source, args, context) => {
    // Unless we're doing createUser, do an auth check

    // 👍
    if (fieldName === "createUser") return resolve()

    const isAuthenticated = await getIsAuthenticated(context)

    // 👍
    if (isAuthenticated) return resolve()

    throw new Error("Unauthorized");
  }

const Permissions = makeWrapResolversPlugin(filter, wrapper)