GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → anjlab → graphql_authorize

anjlab / graphql_authorize

Licence: MIT license
Authorization helpers for ruby-graphql fields

Programming Languages

ruby
36898 projects - #4 most used programming language
shell
77523 projects

Labels

railsgraphqlgempermissionsauthorizationcancancanpundit

Projects that are alternatives of or similar to graphql authorize

Laravel Governor
Manage authorization with granular role-based permissions in your Laravel Apps.
Stars: ✭ 131 (+469.57%)
Mutual labels:  permissions, authorization
spicedb
Open Source, Google Zanzibar-inspired fine-grained permissions database
Stars: ✭ 3,358 (+14500%)
Mutual labels:  permissions, authorization
Laratrust
Handle roles and permissions in your Laravel application
Stars: ✭ 1,799 (+7721.74%)
Mutual labels:  permissions, authorization
Rbac.dev
A collection of good practices and tools for Kubernetes RBAC
Stars: ✭ 115 (+400%)
Mutual labels:  permissions, authorization
Bouncer
Eloquent roles and abilities.
Stars: ✭ 2,763 (+11913.04%)
Mutual labels:  permissions, authorization
Accesscontrol
Role and Attribute based Access Control for Node.js
Stars: ✭ 1,723 (+7391.3%)
Mutual labels:  permissions, authorization
Think Authz
An authorization library that supports access control models like ACL, RBAC, ABAC in ThinkPHP 6.0 .
Stars: ✭ 155 (+573.91%)
Mutual labels:  permissions, authorization
Vakt
Attribute-based access control (ABAC) SDK for Python
Stars: ✭ 92 (+300%)
Mutual labels:  permissions, authorization
Vue Router User Roles
A Vue.js plugin that protects routes based on user roles. Add your own authentication.
Stars: ✭ 237 (+930.43%)
Mutual labels:  permissions, authorization
Appy
🚀 A full stack boilerplate web app
Stars: ✭ 225 (+878.26%)
Mutual labels:  permissions, authorization
Simpleacl
Simple ACL for PHP
Stars: ✭ 105 (+356.52%)
Mutual labels:  permissions, authorization
Graphql Guard
Simple authorization gem for GraphQL 🔒
Stars: ✭ 434 (+1786.96%)
Mutual labels:  gem, authorization
Sentinel
A framework agnostic authentication & authorization system.
Stars: ✭ 1,354 (+5786.96%)
Mutual labels:  permissions, authorization
Laravel Auth
A powerful authentication, authorization and verification package built on top of Laravel. It provides developers with Role Based Access Control, Two-Factor Authentication, Social Authentication, and much more, compatible Laravel’s standard API and fully featured out of the box.
Stars: ✭ 128 (+456.52%)
Mutual labels:  permissions, authorization
Appy Backend
A user system to bootstrap your app.
Stars: ✭ 96 (+317.39%)
Mutual labels:  permissions, authorization
Laravel Authz
An authorization library that supports access control models like ACL, RBAC, ABAC in Laravel.
Stars: ✭ 136 (+491.3%)
Mutual labels:  permissions, authorization
Brandenburg
Laravel Authentication Package
Stars: ✭ 79 (+243.48%)
Mutual labels:  permissions, authorization
Django Rules
Awesome Django authorization, without the database
Stars: ✭ 1,255 (+5356.52%)
Mutual labels:  permissions, authorization
Drf Access Policy
Declarative access policies/permissions modeled after AWS' IAM policies.
Stars: ✭ 200 (+769.57%)
Mutual labels:  permissions, authorization
Rbac
Hierarchical Role-Based Access Control for Node.js
Stars: ✭ 254 (+1004.35%)
Mutual labels:  permissions, authorization
View All Similar Projects ➔

Build Status Gem Version Maintainability

GraphqlAuthorize

This gem allows you to authorize an access to you graphql-fields (defined by graphql-ruby).

Installation

Add this line to your application's Gemfile:

gem 'graphql_authorize'

And then execute:

$ bundle

Or install it yourself as:

$ gem install graphql_authorize

Usage

You can define a proc and pass it to authorize inside the field block:

field :posts, types[PostType] do
  authorize lambda { |_obj, _args, context|
    current_user = context[:current_user]
    current_user && current_user.admin
  }

  resolve ->(_obj, _args, _context) { ... }
end

It also works for a new class-based syntax:

field :posts, PostType, null: false do
  authorize lambda { |_obj, _args, context|
    current_user = context[:current_user]
    current_user && current_user.admin
  }
end

Don't forget to pass current_user to the context when you execute the query, e.g.:

Schema.execute(query, context: { current_user: current_user })

CanCanCan

If you are using CanCanCan, you can just pass an array with two values - permission to check and a model class:

field :posts, types[PostType] do
  authorize [:read, Post]
  resolve ->(_obj, _args, _context) { ... }
end

In order to let GraphqlAuthorize know that it should use CanCanCan, please configure it somewhere in your app:

GraphqlAuthorize.config.auth_adapter = GraphqlAuthorize::AuthAdapters::CanCanCan

By default it will try to call can? on the module called Ability (you have it if you follow the guide). However, when you've done it in a different way, you must also configure auth_adapter_source - a proc, which will get a current context and will need to return something, which can respond to can?:

GraphqlAuthorize.configure do |config|
  config.auth_adapter = GraphqlAuthorize::AuthAdapters::CanCanCan
  config.auth_adapter_source = ->(context) { context[:current_user] }
end

Pundit

Pundit integration is very similar with CanCanCan - you should pass an array with two values in a following way:

field :posts, types[PostType] do
  authorize [:read, Post]
  resolve ->(_obj, _args, _context) { ... }
end

Don't forget to configure GraphqlAuthorize to use the proper adapter:

GraphqlAuthorize.config.auth_adapter = GraphqlAuthorize::AuthAdapters::Pundit

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/anjlab/graphql_authorize.

License

The gem is available as open source under the terms of the MIT License.

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].