Replies: 1 comment
-
Something like this is what you want:

```java
import graphql.schema.DataFetcher;
import graphql.schema.DataFetchingEnvironment;
import graphql.schema.GraphQLFieldDefinition;
import graphql.schema.idl.SchemaDirectiveWiring;
import graphql.schema.idl.SchemaDirectiveWiringEnvironment;
import java.util.Map;

class AuthorisationDirective implements SchemaDirectiveWiring {
    @Override
    public GraphQLFieldDefinition onField(SchemaDirectiveWiringEnvironment<GraphQLFieldDefinition> environment) {
        String targetAuthRole = (String) environment.getDirective().getArgument("role").getArgumentValue().getValue();
        //
        // build a data fetcher that first checks authorisation roles before then calling the original data fetcher
        //
        DataFetcher originalDataFetcher = environment.getFieldDataFetcher();
        DataFetcher authDataFetcher = new DataFetcher() {
            @Override
            public Object get(DataFetchingEnvironment dataFetchingEnvironment) throws Exception {
                Map<String, Object> contextMap = dataFetchingEnvironment.getContext();
                AuthorisationCtx authContext = (AuthorisationCtx) contextMap.get("authContext");
                if (authContext.hasRole(targetAuthRole)) {
                    return originalDataFetcher.get(dataFetchingEnvironment);
                } else {
                    return null;
                }
            }
        };
        //
        // now change the field definition to have the new authorising data fetcher
        return environment.setFieldDataFetcher(authDataFetcher);
    }
}
```

See https://www.graphql-java.com/documentation/sdl-directives
-
We have an authorization directive where we are using SchemaDirectiveWiring to authorize the user at runtime. Also, the fields to which the directive is applied and for which authorization is successful should be visible in the response; all other fields which were queried by the user, but to which the directive is not applied, should not be returned in the response.
Basically, I need to restrict the fields to which no directive is applied from being returned.
Example-
GraphQL Schema
GraphQL Request Body
Expected Response
Since authorization is going to happen for verifyOfflineAccess, that should return the result, but verifyTicket should be null and throw Unauthorized errors.
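A deny-by-default variant of the wiring in the reply, as an added example that is not code from the thread or from graphql-java: it guards every root field, rejects fields that carry no directive, fails closed when the auth context is missing, and reports an error instead of a silent `null`. Assumptions: the directive is named `auth`, the root type is named `Query`, `AuthorisationCtx` has the shape shown, and the wiring is registered with `RuntimeWiring.newRuntimeWiring().directiveWiring(...)`, which graphql-java invokes for every schema element rather than only for elements carrying a named directive.

```java
import graphql.GraphqlErrorBuilder;
import graphql.execution.DataFetcherResult;
import graphql.schema.DataFetcher;
import graphql.schema.GraphQLAppliedDirective;
import graphql.schema.GraphQLFieldDefinition;
import graphql.schema.idl.SchemaDirectiveWiring;
import graphql.schema.idl.SchemaDirectiveWiringEnvironment;
import java.util.Map;

// Assumed shape of the AuthorisationCtx used in the reply.
interface AuthorisationCtx { boolean hasRole(String role); }

class DenyByDefaultWiring implements SchemaDirectiveWiring {
    private static final String DIRECTIVE = "auth";  // assumed directive name
    private static final String ROOT_TYPE = "Query"; // assumed root type name

    @Override
    public GraphQLFieldDefinition onField(SchemaDirectiveWiringEnvironment<GraphQLFieldDefinition> environment) {
        // Guard root fields only; nested fields are reached through a guarded parent.
        if (!ROOT_TYPE.equals(environment.getFieldsContainer().getName())) {
            return environment.getElement();
        }
        GraphQLAppliedDirective auth = environment.getAppliedDirective(DIRECTIVE);
        // A null role marks a field with no directive: it is always denied.
        String requiredRole = auth == null ? null : (String) auth.getArgument("role").getValue();
        DataFetcher<?> original = environment.getFieldDataFetcher();

        DataFetcher<Object> guarded = env -> {
            Map<String, Object> contextMap = env.getContext();
            Object ctx = contextMap == null ? null : contextMap.get("authContext");
            // Fail closed when the context is absent or of the wrong type.
            boolean allowed = requiredRole != null
                    && ctx instanceof AuthorisationCtx
                    && ((AuthorisationCtx) ctx).hasRole(requiredRole);
            if (allowed) {
                return original.get(env);
            }
            // Null data for this field plus an "errors" entry carrying its path.
            return DataFetcherResult.newResult()
                    .error(GraphqlErrorBuilder.newError(env)
                            .message("Unauthorized: %s", env.getField().getName())
                            .build())
                    .build();
        };
        return environment.setFieldDataFetcher(guarded);
    }
}
```

With this wiring a non-nullable root field that is denied will propagate the null upward, so fields that may be refused should be declared nullable in the schema.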