FEATURE: get constraints for arbitrary type (#8)

* FEATURE: get constraints for arbitrary type * @joindeed/mongoose-models-1.2.0
joindeed · Oct 31, 2022 · ab89d0c · ab89d0c
1 parent 60d8d40
commit ab89d0c
Show file tree

Hide file tree

Showing 3 changed files with 44 additions and 4 deletions.
diff --git a/README.md b/README.md
@@ -104,6 +104,23 @@ resolve: async (parent, args, context) => {
     }
   }))
 }
+```
+
+Additionally, if you want to make any arbitrary Prisma query not related to the GraphQL return type at all (e.g. say you want to count something and get the count with respect to the constraints),
+and want to get the `where` constraints for it, you may leave the `path` argument empty and only provide the `type`:
+
+```js
+resolve: async (parent, args, context) => {
+  return context.prisma.users.count(context.withAuth({
+    where: {
+      some: 'query'
+    }
+  }, undefined, 'UserType'))
+}
+```
+
+**NOTE**: in this case `withAuth` would only generate the `where` constraint, but not a `select` clause.
+
 
 If your resolver requires some data to be available on the `parent`, you should specify it in the config passed to `makeAuthorizationMiddlewares`:
 

diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@joindeed/prisma-auth",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "description": "Declarative Prisma Authorization layer",
   "main": "dist/index.js",
   "scripts": {

diff --git a/src/makeListConstraintMiddleware.ts b/src/makeListConstraintMiddleware.ts
@@ -1,4 +1,5 @@
 import { Middleware, Configuration } from '.'
+import { getListWhereConstrains } from './getListWhereConstrains'
 
 import { PrismaSelect } from './select'
 
@@ -24,10 +25,32 @@ import { PrismaSelect } from './select'
 export const makeListConstraintMiddleware: (config: Configuration) => Middleware =
   (options) => async (resolve, parent, args, context, info) => {
     const select = new PrismaSelect(info, options, context)
-    // The order here is important: auth must be set last so it wouldn't be possible to override it with the query
+
     const withAuth = <T extends unknown>(query: T, path?: string, type?: string): T => {
-      const selectValue = path && type ? select.valueOf(path, type) : select.value
-      return PrismaSelect.mergeDeep({}, query, selectValue)
+      let selectValue
+
+      // Get nested value from the return type of the resolver
+      if (path && type) {
+        selectValue = select.valueOf(path, type)
+      // Get ONLY `where` clause for the specified type, without relation to the resolver at all
+      // The `select` clause would have to be crafted manually in this case, as it's not possible to deduce it from the return type of the resolver
+      // Useful for getting the auth constraints in situations where it's not possible to get it from the resolver return type
+      // (e.g. a `count` resolver that only returns a number)
+      } else if (!path && type) {
+        const where = 
+          getListWhereConstrains(
+          type,
+          info.schema.getType(type)?.description || '',
+          options,
+          context
+        )
+        selectValue = { where }
+      // Get the value for the root return type of the resolver
+      } else {
+        selectValue = select.value
+      }
+      // The order here is important: auth must be set last so it wouldn't be possible to override it with the query
+      return PrismaSelect.mergeDeep({}, query || {}, selectValue)
     }
 
     return resolve(parent, args, {