I just got into using this tool so please bare wit...
# prisma-whats-new
m
I just got into using this tool so please bare with me if this is a stupid question. How do I add a field to a model but prevent people from querying it. Example is Passwords. I tried using permissions and I must be doing something wrong
a
There is no such thing as a stupid question 🙂 You can override the type in your application schema, basically.
You define the
User
type in your application schema again and omit the
password
field.
m
But how do you then go about saving it to the model… do you have a code snippet?
a
You would define an own mutation in your application layer, like:
Copy code
input RegisterInput {
    username: String!
    password: String!
}

type User {
  id: ID!
  username: String!
}

type Mutation {
  register(input: RegisterInput!): User!
}
In your actual
register
resolver function:
Copy code
const register = (parent, args, context, info) => context.db.mutation.createUser({
        data: {...}
    }, info);
Here you persist the actual user object and return the result. Due to the fact that you've defined the
User
type in your application schema with less fields, the return value won't contain more fields. The result will be "sliced" accurately, so to speak 🙂 Hope that helps.
m
Oh ok… I for some reason thought that MySQL was looking for connected columns to fields but if it is this dynamic graphcool is more flexible than I had originally thought
or are you talking about prisma
a
Sorry had a typo in my snippet above .. fixed it.
Yeah, the example is meant to be used with Prisma.
m
does it still work with graphcool? The only thing I am finding is if I use Permissions I need to remove all
- operation: "*"
But even then it is not ideal it is just returning errors when trying to access the field. I think that this sort of fixes it though.