From a2a8a1b991534eb6ed59c487ca0b367cf044c9ed Mon Sep 17 00:00:00 2001 From: Pl217 Date: Fri, 18 Jun 2021 14:24:44 +0200 Subject: [PATCH] =?UTF-8?q?=F0=9F=93=9D=20Document=20auth=20decorators=20u?= =?UTF-8?q?sage?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- docs/AUTH.md | 29 +++++++++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 docs/AUTH.md diff --git a/docs/AUTH.md b/docs/AUTH.md new file mode 100644 index 00000000..dae6764d --- /dev/null +++ b/docs/AUTH.md @@ -0,0 +1,29 @@ +# Authentication + +Authentication can be used as a guard on a field, query or mutation, restricting data access or actions for a specific group of users. + +Since the codebase uses TypeGraphQL, which relies heavily on decorators, authentication is also done using decorators. + +Authentication is done with use of `@Permission` decorator. This decorator takes function as an argument with permission object as a return value. + +For example: + +```lang=js +@Permission(({ args }) => + Promise.resolve({ + or: [ + { type: 'global', permission: P.global.VIEW_ANY_PLAN_DATA }, + { type: 'plan', permission: P.plan.VIEW_DATA, id: args.id }, + ], + }) +) +``` + +If only global permission check is needed, it can be used directly: + +```lang=js +@Permission({ + type: 'global', + permission: P.global.VIEW_ALL_JOBS, +}) +```