Sha256: 468c970f8d3ca2cdb26a818202648406f8b6432c6a5e02cbc96839e630ce2c04

Contents?: true

Size: 1.21 KB

Versions: 1

Compression:

Stored size: 1.21 KB

Contents

require 'pundit'

module GraphQL
  module Pundit
    # Field instrumenter that puts a Pundit policy check in front of a field's
    # resolver.
    #
    # Authorization is opt-in per field: only fields whose metadata carries an
    # :authorize entry are wrapped. Every other field is returned unchanged, so
    # it resolves with no check from this class.
    class Instrumenter
      # Key used to look the acting user up in the query context.
      attr_reader :current_user

      # @param current_user [Object] context key under which the acting user
      #   is stored; defaults to :current_user
      def initialize(current_user = :current_user)
        @current_user = current_user
      end

      # Wraps the field's resolver with an authorization check when the field
      # declares :authorize metadata.
      #
      # @param _type [Object] unused
      # @param field [Object] must respond to #metadata, #resolve_proc and
      #   #redefine
      # @return [Object] the result of field.redefine for an authorized field,
      #   otherwise the field itself
      def instrument(_type, field)
        authorize_options = field.metadata[:authorize]
        return field unless authorize_options

        # Kept in a local on purpose: the redefine block refers to it by name,
        # so it must be a closure variable rather than a method call.
        guarded_resolver = resolve_proc(current_user,
                                        field.resolve_proc,
                                        authorize_options)
        field.redefine { resolve guarded_resolver }
      end

      # Builds the resolver that enforces the policy before delegating.
      #
      # The policy query is options[:query] with '?' appended, and the record
      # handed to the policy is options[:record] when that is truthy, otherwise
      # the object being resolved.
      #
      # On denial the lambda returns nil, unless options[:raise] is truthy, in
      # which case GraphQL::ExecutionError is raised. A nil result is therefore
      # not distinguishable, from the lambda's return value alone, from a field
      # that legitimately resolved to nil.
      #
      # Only ::Pundit::NotAuthorizedError is rescued; any other exception
      # propagates to the caller.
      #
      # @param current_user [Object] context key of the acting user
      # @param old_resolve [#call] the resolver being protected
      # @param options [Hash] reads :query, :record and :raise
      # @return [Proc] lambda taking (obj, args, ctx)
      def resolve_proc(current_user, old_resolve, options)
        lambda do |obj, args, ctx|
          policy_query = "#{options[:query]}?"
          subject = options[:record] || obj
          begin
            # ctx[current_user] is passed to the policy as-is.
            # NOTE(review): presumably nil when the context key was never set,
            # in which case the policy has to handle a nil user. Confirm
            # against the callers that build the context.
            permitted = ::Pundit.authorize(ctx[current_user],
                                           subject,
                                           policy_query)
            raise ::Pundit::NotAuthorizedError unless permitted

            # NOTE(review): this call sits inside the same begin/rescue, so a
            # NotAuthorizedError raised by the wrapped resolver is handled
            # exactly like a denial of this field's own policy.
            old_resolve.call(obj, args, ctx)
          rescue ::Pundit::NotAuthorizedError
            raise GraphQL::ExecutionError, "You're not authorized to do this" if options[:raise]
          end
        end
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
graphql-pundit-0.1.0 lib/graphql-pundit/instrumenter.rb