Add permission management
Signed-off-by: trivernis <trivernis@protonmail.com>pull/3/head
parent
b61dfa8810
commit
96916b0fd1
@ -0,0 +1,17 @@
|
|||||||
|
/* eslint no-unused-vars: 0 */
|
||||||
|
export enum Permission {
|
||||||
|
ReadBike = 'BIKE_READ',
|
||||||
|
WriteBike = 'BIKE_WRITE',
|
||||||
|
}
|
||||||
|
|
||||||
|
// Permissions where the creation will be requested on startup
|
||||||
|
export const requiredPermissions = [
|
||||||
|
{
|
||||||
|
name: Permission.ReadBike,
|
||||||
|
description: 'Allows to read of bike information'
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: Permission.WriteBike,
|
||||||
|
description: 'Allows the modification of bike information'
|
||||||
|
}
|
||||||
|
]
|
@ -1,10 +1,23 @@
|
|||||||
|
import { Permission } from '../datasources/userserver/permission'
|
||||||
|
import { GraphQLError } from 'graphql'
|
||||||
|
|
||||||
export default {
|
export default {
|
||||||
Query: {
|
Query: {
|
||||||
CargobikeById: (_: any, { id, token }:{id: any, token: string}, { dataSources }:{dataSources: any}) =>
|
CargobikeById: (_: any, { id, token }:{id: any, token: string}, { dataSources, req }:{dataSources: any, req: any }) => {
|
||||||
dataSources.cargoBikeAPI.findCargoBikeById({ id, token })
|
if (req.permissions.includes(Permission.ReadBike)) {
|
||||||
|
return dataSources.cargoBikeAPI.findCargoBikeById({ id, token })
|
||||||
|
} else {
|
||||||
|
throw new GraphQLError('Insufficient Permissions')
|
||||||
|
}
|
||||||
|
}
|
||||||
},
|
},
|
||||||
Mutation: {
|
Mutation: {
|
||||||
addBike: (_:any, { id, token, name }:{id: any, token: string, name:string}, { dataSources }:{dataSources: any }) =>
|
addBike: (_: any, { id, token, name }:{id: any, token: string, name:string}, { dataSources, req }:{dataSources: any, req: any }) => {
|
||||||
dataSources.cargoBikeAPI.updateBike({ id, token, name })
|
if (req.permissions.includes(Permission.WriteBike)) {
|
||||||
|
return dataSources.cargoBikeAPI.updateBike({ id, token, name })
|
||||||
|
} else {
|
||||||
|
throw new GraphQLError('Insufficient Permissions')
|
||||||
|
}
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue