-
Notifications
You must be signed in to change notification settings - Fork 0
/
graphcool.yml
104 lines (90 loc) · 3.27 KB
/
graphcool.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
types: ./types.graphql
# Permission rules
permissions:
# Only authenticated users can **read** nodes of type `Department`
- operation: Department.read
authenticated: true
# To **update** a node of type `Deparment`, a `User` must be
# authenticated and `ADMIN`
- operation: Department.update
authenticated: true
query: src/permissions/Department.graphql:UpdateDepartment
# To **delete** a node of type `Deparment`, a `User` must be
# authenticated and `ADMIN`
- operation: Department.delete
authenticated: true
query: src/permissions/Department.graphql:DeleteDepartment
# To **create** a node of type `Deparment`, a `User` must be
# authenticated and `ADMIN`
- operation: Department.create
authenticated: true
query: src/permissions/Department.graphql:CreateDepartment
# Everyone can **read** the non-private fields on
# nodes of type `User`
- operation: User.read
authenticated: true
fields:
- firstName
- lastName
- description
- avatar
- age
- department
# To **update** the non-private fields on
# a node of type `User`, a `User` must be:
# authenticated and either the "owner" of the `User` or an `ADMIN`
# (see the permission query `UpdateUserData` in src/permissions/User.graphql)
- operation: User.update
authenticated: true
query: src/permissions/User.graphql:UpdateUserData
fields:
- email
- password
- firstName
- lastName
- description
- avatar
- age
- department
# To **update** the fields `role` on a node of type `User`,
# a `User` must be: authenticated and an `ADMIN`
# (see the permission query `UpdateUserRole` in src/permissions/User.graphql)
- operation: User.update
authenticated: true
query: src/permissions/User.graphql:UpdateUserRole
fields:
- role
# To **delete** a node of type `User`, a `User` must be:
# authenticated and either the "owner" of the `User` or an `ADMIN`
# (see the permission query `DeleteUser` in src/permissions/User.graphql)
- operation: User.delete
authenticated: true
query: src/permissions/User.graphql:DeleteUser
# To connect and disconnect a `Department` node with a `User` node via the
# `DepartmentEmployees` relation, a `User` must be authenticated and `ADMIN`
- operation: DepartmentEmployees.connect
authenticated: true
query: src/permissions/DepartmentEmployees.graphql:addToDepartmentEmployees
- operation: DepartmentEmployees.disconnect
authenticated: true
query: src/permissions/DepartmentEmployees.graphql:removeFromDepartmentEmployees
# Serverless functions implementing "email-password"-based authentication
functions:
# `resolver` function to create a new `User` node
signup:
type: resolver
schema: src/email-password/signup.graphql
handler:
code: src/email-password/signup.js
# `resolver` function to authenticate an existing `User` node
authenticate:
type: resolver
schema: src/email-password/authenticate.graphql
handler:
code: src/email-password/authenticate.js
# `resolver` function to check whether a request is authenticated
loggedInUser:
type: resolver
schema: src/email-password/loggedInUser.graphql
handler:
code: src/email-password/loggedInUser.js