Let say I have following schema
type Org {
vp: Person!
employees: [Person!]!
}
type Person {
id: ID!
name: String!
grade: String! @auth
}
I have auth directive implemented in DGS as below
@DgsDirective(name = "auth")
public class PrincipleAuthorizationDirective implements SchemaDirectiveWiring {
@Override
public GraphQLFieldDefinition onField(SchemaDirectiveWiringEnvironment<GraphQLFieldDefinition> environment) {
GraphQLFieldDefinition field = environment.getElement();
GraphQLFieldsContainer parentType = environment.getFieldsContainer();
DataFetcher originalDataFetcher = environment.getCodeRegistry().getDataFetcher(parentType, field);
DataFetcher authDataFetcher = new DataFetcher() {
@Override
public Object get(DataFetchingEnvironment dataFetchingEnvironment) throws Exception {
CustomContext context = DgsContext.getCustomContext(dataFetchingEnvironment);
String requesterId = context.getPrincipleId();
// Get VP of this org. Which is like dataFetchingEnvironment.getSource().getSource().getSource()
String VP_ID;
if(!requesterId.equals(VP_ID)){
throw new ForbiddenException(field.getName());
}
Object o = originalDataFetcher.get(dataFetchingEnvironment);
return o;
}
};
// now change the field definition to have the new authorising data fetcher
environment.getCodeRegistry().dataFetcher(parentType, field, authDataFetcher);
return field;
}
}
As you can see, I want to get hold of Org->Vp->Person->id and match it with requesterId from security context. How do I get VP? I know that object hierarchy has Org` always. I.e query is always through Org. Just don’t know how to get access to it from above directive.
Note: I am using data loader.
asked 35 mins ago
JagsJags
8098 silver badges19 bronze badges