@envelop/operation-field-permissions
Version:
Disallow executing operations that select certain fields. Useful if you want to restrict the scope of certain public API users to a subset of the public GraphQL schema, without triggering execution (e.g. how [graphql-shield](https://github.com/maticzav/gr
19 lines (18 loc) • 687 B
text/typescript
import { Plugin, PromiseOrValue } from '@envelop/core';
declare const OPERATION_PERMISSIONS_SYMBOL: unique symbol;
type ScopeContext = {
allowAll: boolean;
wildcardTypes: Set<string>;
schemaCoordinates: Set<string>;
};
type OperationScopeRuleOptions = {
formatError: (schemaCoordinate: string) => string;
};
type OperationScopeOptions<TContext> = {
getPermissions: (context: TContext) => PromiseOrValue<Set<string> | string>;
formatError?: OperationScopeRuleOptions['formatError'];
};
export declare const useOperationFieldPermissions: <TContext>(opts: OperationScopeOptions<TContext>) => Plugin<{
[OPERATION_PERMISSIONS_SYMBOL]: ScopeContext;
}>;
export {};