I have an authorized method on my CreateMutation as described in the docs: http://graphql-ruby.org/authorization/authorization.html
#Inherits from a BaseMutation which inherits from GraphQL::Schema::Mutation
def authorized?(object)
super && #more auth logic
end
And added this on my schema:
class MySchema < GraphQL::Schema
def self.unauthorized_object(error)
raise GraphQL::ExecutionError, "An object of type #{error.type.graphql_name} was hidden due to permissions"
end
end
I expected that if authorized?
returns false it would call the Schema#unauthorized_object to return the error but that hook doesn't seem to be called at all. Does it require an object to be loaded? if so, how can I load an object that doesnt exist yet (createMutation)?
rylanc, arempe93 and mackeee-orange
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4