is it possible, in prisma 2, to use permission bas...
# orm-help
i
Is it possible, in Prisma 2, to use permission-based authorization? By that I mean: a user has many roles, and a role has many permissions.
r
Hey @Ippo 👋 You can use GraphQL Shield where you can directly add permissions in the following manner:
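```js
import { shield, and, or, not } from 'graphql-shield'
import { GraphQLServer } from 'graphql-yoga'

// isAuthenticated, isAdmin and isEditor are graphql-shield rules, and
// typeDefs, resolvers and getUser are defined elsewhere in the application.
const permissions = shield({
  Query: {
    frontPage: not(isAuthenticated),
    fruits: and(isAuthenticated, or(isAdmin, isEditor)),
    customers: and(isAuthenticated, isAdmin),
  },
  Mutation: {
    addFruitToBasket: isAuthenticated,
  },
  // Type-level rules apply to every field of the type.
  Fruit: isAuthenticated,
  Customer: isAdmin,
})

const server = new GraphQLServer({
  typeDefs,
  resolvers,
  middlewares: [permissions],
  // Attach the resolved user to the context so the rules can inspect it.
  context: (req) => ({
    ...req,
    user: getUser(req),
  }),
})
```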
You can add permission-based authorization as a simple resolver.
i
Hi Ryan, thanks for your answer. The solution you showed me is not flexible enough because you are working with permissions directly; I mean a user has a permission or not.
In my case it's different: in my case a user has one or many roles,
and the roles are like containers that have permissions,
so what you can do is create your own custom role and put in the permissions that are available.
r
It's possible to use Shield in this case as well. You can combine multiple roles and return the conditions based on those. It would be like composing those permissions and getting the final result.