x-graphql/field-guard

Managing access control of object fields

Maintainers

Details

github.com/x-graphql/field-guard

Source

Issues

Installs: 875

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

0.2.0 2024-04-17 02:48 UTC

Requires

Requires (Dev)

MIT c2ed70f6c09422ce5ace566e542baae1a7167aee

This package is auto-updated.

Last update: 2024-05-17 03:01:06 UTC

README

Middleware for adding security layer to GraphQL schema

unit tests codecov

Getting Started

Install this package via Composer

composer require x-graphql/field-guard

Usages

Create permissions array mapping object type name, and it fields with rule, rule can be boolean or instance of XGraphQL\FieldGuard\RuleInterface:

use GraphQL\Type\Definition\ResolveInfo;
use XGraphQL\FieldGuard\RuleInterface;

$isAdminRule = new class implements RuleInterface {
    public function allows(mixed $value, array $args, mixed $context, ResolveInfo $info) : bool{
        return $context->isAdmin();
    }
    
    public function shouldRemember(mixed $value,array $args,mixed $context,ResolveInfo $info) : bool{
        return true;
    }
};

$permissions = [
    'Query' => [
        'getUser' => true, /// all user can get user.
        'getBook' => false, /// deny all user to get book.
    ],
    'Mutation' => [
        'createUser' => $isAdminRule, /// only admin user can create user.
    ]   
];

Then create middleware with $permissions above and apply to schema:

use XGraphQL\FieldMiddleware\FieldMiddleware;
use XGraphQL\FieldGuard\FieldGuardMiddleware;

$schema = ...
$guardMiddleware = new FieldGuardMiddleware($permissions);

FieldMiddleware::apply($schema, [$guardMiddleware]);

Credits

Created by Minh Vuong