django-graphene-permissions icon indicating copy to clipboard operation
django-graphene-permissions copied to clipboard

Published 20 hours ago verified publisher icon taoufik07

Work without relay.Node interfaces

Open metakot opened this issue 6 years ago • 3 comments

Can this package work without relay.Node interfaces? Checking for permissions happens in get_node func, but if used without relay, this func never gets called.

metakot avatar Dec 03 '18 20:12 metakot

You can, but you need to use the permissions_checker decorator on the object resolver

class Query(graphene.ObjectType):
    category = graphene.Field(CategoryType, id=graphene.Int())
    categories = graphene.List(CategoryType)

    @permissions_checker([IsAuthenticated])
    def resolve_category(self, info, **kwargs):
        id = kwargs.get('id')
        return Category.objects.get(pk=id)

    @permissions_checker([IsAuthenticated])
    def resolve_categories(self, info, **kwargs):
        return Category.objects.all()

taoufik07 avatar Dec 03 '18 21:12 taoufik07

Oh yeah, I saw that in docs, but it can be more convenient to use it without decorating every resolver, something like that:

class CategoryType(PermissionDjangoObjectType):
    class Meta:
        model = Category

    @staticmethod
    def permission_classes():
        return [IsAuthenticated]

class Query(graphene.ObjectType):
    category = graphene.Field(CategoryType, id=graphene.Int())

    def resolve_category(self, info, **kwargs):
        # etc

This affects how default_resolver is evaluating and will require some additional work on PermissionDjangoObjectType or even another subclass for queries. You can consider it a feature request =)

metakot avatar Dec 04 '18 17:12 metakot

I will work on it when I got some free time, Thanks :)

taoufik07 avatar Dec 04 '18 18:12 taoufik07