FEATURE: get constraints for arbitrary type (#8)

dimaip · web-flow · commit ab89d0c8ca07 · 2022-10-31T12:57:57.000+03:00
* FEATURE: get constraints for arbitrary type

* @joindeed/mongoose-models-1.2.0
diff --git a/README.md b/README.md
@@ -104,6 +104,23 @@ resolve: async (parent, args, context) => {
     }
   }))
 }
+```
+
+Additionally, if you want to make any arbitrary Prisma query not related to the GraphQL return type at all (e.g. say you want to count something and get the count with respect to the constraints),
+and want to get the `where` constraints for it, you may leave the `path` argument empty and only provide the `type`:
+
+```js
+resolve: async (parent, args, context) => {
+  return context.prisma.users.count(context.withAuth({
+    where: {
+      some: 'query'
+    }
+  }, undefined, 'UserType'))
+}
+```
+
+**NOTE**: in this case `withAuth` would only generate the `where` constraint, but not a `select` clause.
+
 
 If your resolver requires some data to be available on the `parent`, you should specify it in the config passed to `makeAuthorizationMiddlewares`:
 
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@joindeed/prisma-auth",
-  "version": "1.1.1",
+  "version": "1.2.0",
   "description": "Declarative Prisma Authorization layer",
   "main": "dist/index.js",
   "scripts": {
diff --git a/src/makeListConstraintMiddleware.ts b/src/makeListConstraintMiddleware.ts
@@ -1,4 +1,5 @@
 import { Middleware, Configuration } from '.'
+import { getListWhereConstrains } from './getListWhereConstrains'
 
 import { PrismaSelect } from './select'
 
@@ -24,10 +25,32 @@ import { PrismaSelect } from './select'
 export const makeListConstraintMiddleware: (config: Configuration) => Middleware =
   (options) => async (resolve, parent, args, context, info) => {
     const select = new PrismaSelect(info, options, context)
-    // The order here is important: auth must be set last so it wouldn't be possible to override it with the query
+    
     const withAuth = <T extends unknown>(query: T, path?: string, type?: string): T => {
-      const selectValue = path && type ? select.valueOf(path, type) : select.value
-      return PrismaSelect.mergeDeep({}, query, selectValue)
+      let selectValue
+      
+      // Get nested value from the return type of the resolver
+      if (path && type) {
+        selectValue = select.valueOf(path, type)
+      // Get ONLY `where` clause for the specified type, without relation to the resolver at all
+      // The `select` clause would have to be crafted manually in this case, as it's not possible to deduce it from the return type of the resolver
+      // Useful for getting the auth constraints in situations where it's not possible to get it from the resolver return type
+      // (e.g. a `count` resolver that only returns a number)
+      } else if (!path && type) {
+        const where = 
+          getListWhereConstrains(
+          type,
+          info.schema.getType(type)?.description || '',
+          options,
+          context
+        )
+        selectValue = { where }
+      // Get the value for the root return type of the resolver
+      } else {
+        selectValue = select.value
+      }
+      // The order here is important: auth must be set last so it wouldn't be possible to override it with the query
+      return PrismaSelect.mergeDeep({}, query || {}, selectValue)
     }
 
     return resolve(parent, args, {

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@joindeed/prisma-auth",`
`3`		`- "version": "1.1.1",`
	`3`	`+ "version": "1.2.0",`
`4`	`4`	`"description": "Declarative Prisma Authorization layer",`
`5`	`5`	`"main": "dist/index.js",`
`6`	`6`	`"scripts": {`