graphql-mesh
graphql-mesh copied to clipboard
ardatan
feat(options) postgraphile: add contextOptions to allow custom jwt claims
Description
Please include a summary of the change and which issue is fixed. Please also include relevant motivation and context. List any dependencies that are required for this change.
This adds contextOptions to list of possible options for the postgraphile handler.
Currently the postgraphile handler only exposes buildOptions (called just options in the docs) which per the postgraphile docs cannot be used to specify pgSettings
Our production postgres deployment makes use of row level security rules that require custom jwt claims, which is fully supported in postgraphile via the pgSettings object.
However graphql-mesh doen't provide any way to define pgSettings. This PR allows the user to change postgraphile's context settings (which is where pgSettings needs to be defined).
Just like the regular postgraphile build options, it is optional whether or not to specify this.
Fixes #3913
Type of change
Please delete options that are not relevant.
- [x] New feature (non-breaking change which adds functionality)
- [x] This change requires a documentation update
How Has This Been Tested?
Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration
- [x] I tested my changes locally using the use-case mentioned in the ticket.
- Given the only test there is for this handler is
it('dummy', async () => {});I'm not familiar enough with the test methods for the graphql-mesh server, to set up a full test method and suit for adding this extra option.
Test Environment: Real project using graphql-mesh with postgraphile.
- OS: MacOS
- "@graphql-mesh/postgraphile": "^0.20.9",
- NodeJS: 16.x & 18.0
Checklist:
- [x] I have followed the CONTRIBUTING doc and the style guidelines of this project
- [x] I have performed a self-review of my own code
- [x] I have commented my code, particularly in hard-to-understand areas
- [x] I have made corresponding changes to the documentation
- [x] My changes generate no new warnings
- [ ] I have added tests that prove my fix is effective or that my feature works
- [x] New and existing unit tests and linter rules pass locally with my changes
Further comments
If this is a relatively large or complex change, kick off the discussion by explaining why you chose the solution you did and what alternatives you considered, etc...
For my use-case I only need the pgSettings to be exposed in a function with access to the request or context so I can add the necessary jwt claim tokens to get postgraphile to respect our postgres Row Level Security rules.
My first thought was to only expose pgSettings, but in case anyone needs to overwrite some of the other context options in the future, I opted to expose a contextOptions function, that just like the regular options spreads and overwrites and default settings if the user chooses to do so.
I would be happy to have a discussion if there's any other way to implement this, but it seems like a pretty straight forward option.
🦋 Changeset detected
Latest commit: e2ff960fa6fe63fd7d6161802f27fadf14ce49b9
The changes in this PR will be included in the next version bump.
This PR includes changesets to release 47 packages
| Name | Type |
|---|---|
| @graphql-mesh/postgraphile | Patch |
| @graphql-mesh/types | Patch |
| postgres-geodb-example | Patch |
| @graphql-mesh/cli | Patch |
| auth0-example | Patch |
| cloudflare-workers | Patch |
| example-gcp | Patch |
| graphql-file-upload-example | Patch |
| grpc-example | Patch |
| grpc-reflection-example | Patch |
| hasura-openbrewery-geodb | Patch |
| hello-world-esm | Patch |
| json-schema-hello-world | Patch |
| covid-mesh | Patch |
| json-schema-example | Patch |
| json-schema-fhir | Patch |
| json-schema-file-upload | Patch |
| json-schema-subscriptions | Patch |
| mongoose-example | Patch |
| mysql-employees | Patch |
| mysql-rfam | Patch |
| neo4j-example | Patch |
| nextjs-apollo-example | Patch |
| nextjs-sdk-example | Patch |
| odata-microsoft-graph-example | Patch |
| odata-msgraph-programmatic-ts | Patch |
| odata-msgraph-programmatic | Patch |
| odata-trippin-example | Patch |
| javascript-wiki | Patch |
| typescript-location-weather-example | Patch |
| openapi-meilisearch | Patch |
| openapi-stackexchange | Patch |
| openapi-stripe | Patch |
| openapi-subscriptions | Patch |
| openapi-youtrack | Patch |
| openwhisk-example | Patch |
| programmatic-batching-example | Patch |
| reddit-example | Patch |
| country-info-example | Patch |
| soap-demo | Patch |
| soap-netsuite | Patch |
| spacex-cfw | Patch |
| chinook | Patch |
| thrift-calculator | Patch |
| type-merging-batching-example | Patch |
| federation-gateway | Patch |
| gateway-example | Patch |
Not sure what this means? Click here to learn what changesets are.
Click here if you're a maintainer who wants to add another changeset to this PR
![changeset-bot[bot] avatar](https://avatars.githubusercontent.com/in/28616?v=4 "Published by a pub.dev verified publisher"){kind=small}
@MarkLyck is attempting to deploy a commit to the The Guild Team on Vercel.
A member of the Team first needs to authorize it.
![vercel[bot] avatar](https://avatars.githubusercontent.com/in/8329?v=4 "Published by a pub.dev verified publisher"){kind=small}