Skip to content

Commit

Permalink
πŸ“ Document auth decorators usage
Browse files Browse the repository at this point in the history
  • Loading branch information
Pl217 committed Nov 17, 2021
1 parent 7bd4855 commit a2a8a1b
Showing 1 changed file with 29 additions and 0 deletions.
29 changes: 29 additions & 0 deletions docs/AUTH.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,29 @@
# Authentication

Authentication can be used as a guard on a field, query or mutation, restricting data access or actions for a specific group of users.

Since the codebase uses TypeGraphQL, which relies heavily on decorators, authentication is also done using decorators.

Authentication is done with use of `@Permission` decorator. This decorator takes function as an argument with permission object as a return value.

For example:

```lang=js
@Permission(({ args }) =>
Promise.resolve({
or: [
{ type: 'global', permission: P.global.VIEW_ANY_PLAN_DATA },
{ type: 'plan', permission: P.plan.VIEW_DATA, id: args.id },
],
})
)
```

If only global permission check is needed, it can be used directly:

```lang=js
@Permission({
type: 'global',
permission: P.global.VIEW_ALL_JOBS,
})
```

0 comments on commit a2a8a1b

Please sign in to comment.