graphql-shield 作为 Postgraphile 中的“makeProcessSchemaPlugin”

编程问答 2022-05-28

问题描述

Tried postgrphile example 但不确定哪里出错了?

我正在尝试将 graphql-shield 实现为插件

    middlewarePlugin = makeProcessSchemaPlugin((schema: typeof GraphQLSchema) => {
        return applyMiddleware(schema,permissions);
    });

permission.ts

const { rule,shield } = require("graphql-shield");

const isAuthenticated = rule()((parent: any,args: any,user: any ) => {
    return user !== null;
});

const permissions = shield({
    Query: {
        viewer: isAuthenticated
    }
});

export = permissions;

我在 postgraphile 中将中间件插件作为其他插件导入:

  appendplugins: [
            myClass.myPlugin,myClass.jsonPlace,myClass.middlewarePlugin
        ],

崩溃日志:

|构建初始架构时发生严重错误。由于 retryOnInitFail 未设置而退出错误详情: graphql | graphql |类型错误:无法读取未定义的属性“片段” graphql |在 isMiddlewareWithFragment (/home/node/app/node_modules/graphql-middleware/src/utils.ts:25:17) graphql |在 Object.isMiddlewareFunction (/home/node/app/node_modules/graphql-middleware/src/utils.ts:33:10) graphql |在 Object.validateMiddleware (/home/node/app/node_modules/graphql-middleware/src/validation.ts:9:7) graphql |在 addMiddlewaretoSchema (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:33:27) graphql |在 normalisedMiddlewares.reduceRight.schema.schema (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:91:11) graphql |在 Array.reduceRight() graphql |在 applyMiddlewareWithOptions (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:80:77) graphql |在 applyMiddleware (/home/node/app/node_modules/graphql-middleware/src/middleware.ts:132:10) graphql |挂机(/home/node/app/resolvers/test.resolver.ts:254:16) graphql |在 SchemaBuilder.applyHooks (/home/node/app/node_modules/graphile-build/src/SchemaBuilder.js:398:20)

解决方法

postgraphile 期望的中间件类型与 graphql-middleware 略有不同。我没有下载 graphql-middlewaregraphql-shield 并试图让它们使用 postgraphile,而是最终用 makeWrapResolversPlugin 编写了自己的“盾牌”。示例:

const filter = (ctx) => {
  // Only attempting to do auth for non-root things,because
  // with postgraphile,all the data gets fetched at the root
  if (ctx.scope.isRootMutation || ctx.scope.isRootQuery) {
    // return this to make it available to the wrapper function
    return ctx.scope.fieldName
  }
  // return null to not wrap this non-root resolver
  return null
}

const wrapper = (fieldName) => 
  async (resolve,source,args,context) => {
    // Unless we're doing createUser,do an auth check

    // ?
    if (fieldName === "createUser") return resolve()

    const isAuthenticated = await getIsAuthenticated(context)

    // ?
    if (isAuthenticated) return resolve()

    throw new Error("Unauthorized");
  }

const Permissions = makeWrapResolversPlugin(filter,wrapper)
postgraphile