mirror of
https://github.com/ash-project/ash_graphql.git
synced 2024-09-19 12:53:40 +12:00
make sure generic actions are authorized
This commit is contained in:
parent
c1845b2225
commit
ef711a7ba4
3 changed files with 19 additions and 2 deletions
|
@ -41,11 +41,17 @@ defmodule AshGraphql.Graphql.Resolver do
|
||||||
:gql_query,
|
:gql_query,
|
||||||
query_name,
|
query_name,
|
||||||
metadata do
|
metadata do
|
||||||
|
opts = [
|
||||||
|
actor: Map.get(context, :actor),
|
||||||
|
authorize?: AshGraphql.Api.Info.authorize?(api),
|
||||||
|
tenant: Map.get(context, :tenant)
|
||||||
|
]
|
||||||
|
|
||||||
result =
|
result =
|
||||||
%Ash.ActionInput{api: api, resource: resource}
|
%Ash.ActionInput{api: api, resource: resource}
|
||||||
|> Ash.ActionInput.set_context(get_context(context))
|
|> Ash.ActionInput.set_context(get_context(context))
|
||||||
|> Ash.ActionInput.for_action(action.name, arguments)
|
|> Ash.ActionInput.for_action(action.name, arguments)
|
||||||
|> api.run_action()
|
|> api.run_action(opts)
|
||||||
|> case do
|
|> case do
|
||||||
{:ok, result} ->
|
{:ok, result} ->
|
||||||
load_opts =
|
load_opts =
|
||||||
|
|
|
@ -16,7 +16,7 @@ defmodule AshGraphql.GenericActionsTest do
|
||||||
postCount
|
postCount
|
||||||
}
|
}
|
||||||
"""
|
"""
|
||||||
|> Absinthe.run(AshGraphql.Test.Schema)
|
|> Absinthe.run(AshGraphql.Test.Schema, context: %{actor: %{id: "an-actor"}})
|
||||||
|
|
||||||
assert {:ok, result} = resp
|
assert {:ok, result} = resp
|
||||||
|
|
||||||
|
|
|
@ -94,10 +94,21 @@ defmodule AshGraphql.Test.Post do
|
||||||
|
|
||||||
use Ash.Resource,
|
use Ash.Resource,
|
||||||
data_layer: Ash.DataLayer.Ets,
|
data_layer: Ash.DataLayer.Ets,
|
||||||
|
authorizers: [Ash.Policy.Authorizer],
|
||||||
extensions: [AshGraphql.Resource]
|
extensions: [AshGraphql.Resource]
|
||||||
|
|
||||||
require Ash.Query
|
require Ash.Query
|
||||||
|
|
||||||
|
policies do
|
||||||
|
policy always() do
|
||||||
|
authorize_if(always())
|
||||||
|
end
|
||||||
|
|
||||||
|
policy action(:count) do
|
||||||
|
authorize_if(actor_present())
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
graphql do
|
graphql do
|
||||||
type :post
|
type :post
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue