@neo4j/graphql/dist/schema/validation/custom-rules/directives/authorization.js

A GraphQL to Cypher query execution layer for Neo4j and JavaScript GraphQL implementations

"use strict";
/*
 * Copyright (c) "Neo4j"
 * Neo4j Sweden AB [http://neo4j.com]
 *
 * This file is part of Neo4j.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
Object.defineProperty(exports, "__esModule", { value: true });
exports.validateAuthorizationDirective = validateAuthorizationDirective;
const authentication_1 = require("../../../../graphql/directives/type-dependant-directives/authentication");
const authorization_1 = require("../../../../graphql/directives/type-dependant-directives/authorization");
const utils_1 = require("../../../../utils/utils");
const document_validation_error_1 = require("../utils/document-validation-error");
const is_in_node_type_1 = require("../utils/location-helpers/is-in-node-type");
const is_in_root_type_1 = require("../utils/location-helpers/is-in-root-type");
const is_node_type_1 = require("../utils/location-helpers/is-node-type");
const path_parser_1 = require("../utils/path-parser");
function validateAuthorizationDirective(context) {
    const typeMapWithExtensions = context.typeMapWithExtensions;
    if (!typeMapWithExtensions) {
        throw new Error("No typeMapWithExtensions found in the context");
    }
    return {
        FieldDefinition(fieldDefinitionNode, _key, _parent, path, ancestors) {
            const authorizationDirective = fieldDefinitionNode.directives?.find((directive) => directive.name.value === authorization_1.authorizationDirectiveScaffold.name);
            if (!authorizationDirective) {
                return;
            }
            const isValidLocation = (0, is_in_node_type_1.fieldIsInNodeType)({ path, ancestors, typeMapWithExtensions });
            const { isValid, errorMsg } = (0, document_validation_error_1.assertValid)(() => {
                if (!isValidLocation) {
                    // add specific error message for Root types usage
                    if ((0, is_in_root_type_1.fieldIsInRootType)({ path, ancestors, typeMapWithExtensions })) {
                        throw new document_validation_error_1.DocumentValidationError(`Directive @${authorization_1.authorizationDirectiveScaffold.name} is not supported on fields of the Query type. Did you mean to use @${authentication_1.authenticationDirectiveScaffold.name}?`, []);
                    }
                    throw new document_validation_error_1.DocumentValidationError(`Directive "@${authorization_1.authorizationDirectiveScaffold.name}" requires in a type with "@node"`, []);
                }
                if (authorizationDirective.arguments?.length === 0) {
                    throw new document_validation_error_1.DocumentValidationError(`@${authorization_1.authorizationDirectiveScaffold.name} requires at least one of ${[...authorization_1.authorizationDirectiveScaffold.args.map((arg) => arg.name)].join(", ")} arguments`, []);
                }
            });
            const pathToNode = (0, path_parser_1.getPathToNode)(path, ancestors);
            if (!isValid) {
                context.reportError((0, document_validation_error_1.createGraphQLError)({
                    nodes: [fieldDefinitionNode],
                    path: [...pathToNode[0], `@${authorization_1.authorizationDirectiveScaffold.name}`],
                    errorMsg,
                }));
            }
        },
        ObjectTypeDefinition(objectTypeDefinitionNode, _key, _parent, path, ancestors) {
            const { directives } = objectTypeDefinitionNode;
            const objectTypeExtensionNodes = typeMapWithExtensions[objectTypeDefinitionNode.name.value]?.extensions;
            const extensionsDirectives = (0, utils_1.asArray)(objectTypeExtensionNodes).flatMap((extensionNode) => {
                return extensionNode.directives ?? [];
            });
            const allDirectives = [...(directives ?? []), ...extensionsDirectives];
            const authorizationDirective = allDirectives.find((directive) => directive.name.value === authorization_1.authorizationDirectiveScaffold.name);
            if (!authorizationDirective) {
                return;
            }
            const isValidLocation = (0, is_node_type_1.typeIsANodeType)({ objectTypeDefinitionNode, typeMapWithExtensions });
            const { isValid, errorMsg } = (0, document_validation_error_1.assertValid)(() => {
                if (!isValidLocation) {
                    throw new document_validation_error_1.DocumentValidationError(`Directive "@${authorization_1.authorizationDirectiveScaffold.name}" requires in a type with "@node"`, []);
                }
                if (authorizationDirective.arguments?.length === 0) {
                    throw new document_validation_error_1.DocumentValidationError(`@${authorization_1.authorizationDirectiveScaffold.name} requires at least one of ${authorization_1.authorizationDirectiveScaffold.args.join(", ")} arguments`, []);
                }
            });
            const pathToNode = (0, path_parser_1.getPathToNode)(path, ancestors);
            if (!isValid) {
                context.reportError((0, document_validation_error_1.createGraphQLError)({
                    nodes: [objectTypeDefinitionNode],
                    path: [...pathToNode[0], `@${authorization_1.authorizationDirectiveScaffold.name}`],
                    errorMsg,
                }));
            }
        },
    };
}
//# sourceMappingURL=authorization.js.map