Function

return - Object with two functions

Return Properties:

Name	Type	Attribute	Description
debug	function		debug() function
error	function		error() function

Throw:

Error

throws Error message in the error() function }

public buildArgument(name: , type: ): {"kind": string, "name": , "type": , "defaultValue": , "directives": } source

import {buildArgument} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
name	*
type	*

Return:

{"kind": string, "name": *, "type": *, "defaultValue": *, "directives": *}

public buildField(name: , args: , typeName: ): {"kind": string, "name": , "arguments": , "type": } source

import {buildField} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
name	*
args	*
typeName	*

Return:

{"kind": string, "name": *, "arguments": *, "type": *}

public buildName(name: ): {"kind": string, "value": } source

import {buildName} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
name	*

Return:

{"kind": string, "value": *}

public buildTypeDefinition(name: , fields: , kind: ): {"kind": , "name": , "interfaces": , "directives": , "fields": } source

import {buildTypeDefinition} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
name	*
fields	*
kind	*

Return:

{"kind": *, "name": *, "interfaces": *, "directives": *, "fields": *}

public buildTypeExtension(type: ): {"kind": , "definition": *} source

import {buildTypeExtension} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
type	*

Return:

{"kind": *, "definition": *}

public buildTypeReference(name: ): {"kind": string, "name": } source

import {buildTypeReference} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
name	*

Return:

{"kind": string, "name": *}

public checkAuthDoc(doc: object, me: object, userRoles: array, docRoles: array, User: object, logger: function): object source

import {checkAuthDoc} from 'create-graphql-server-authorization/src/lib/checkAuthDoc.js'

Returns an authorized document

Params:

Name	Type	Attribute	Description
doc	object		any document to be checked
me	object		current user
userRoles	array		list of userRoles
docRoles	array		list of docRoles
User	object		model context of type User
logger	function		the logger function

Return:

doc - returns the authorized document

Throw:

Error

throws on a missing authorization

public enhanceSchemaForAuthorization(inputSchema: object): object source

import {enhanceSchemaForAuthorization} from 'create-graphql-server-authorization/src/generator/schema/enhanceSchemaForAuthorization.js'

enhances the schema by additional fields, required for authorization

Params:

Name	Type	Attribute	Description
inputSchema	object		the input's schema with all fields

Return:

outputSchema - the enhanced output Schema

public fieldContainsUserId(docRoleField: object, compressedUserId: object): boolean source

import {fieldContainsUserId} from 'create-graphql-server-authorization/src/lib/fieldContainsUserId.js'

checks, if a field contains a user's id returns true, if a field of type array/object/string contains the userId

Params:

Name	Type	Attribute	Description
docRoleField	object		the field to be checked
compressedUserId	object		the user id to test

Return:

found - true if it contains the user id

public generatePerField(type: , generators: ): object source

import generatePerField from 'create-graphql-server-authorization/src/generator/util/generatePerField.js'

changes a given string on the first character to lower case

Params:

Name	Type	Attribute	Description
type	*
generators	*

Return:

generatorResults - field context for templates

public getBaseType(type: ): source

import {getBaseType} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

helper methods to work with graphql ASTs

Params:

Name	Type	Attribute	Description
type	*

Return:

public getCode(codeType: string, config: object): string source

import {getCode} from 'create-graphql-server-authorization/src/generator/getCode.js'

get generated code from template partials

Params:

Name	Type	Attribute	Description
codeType	string		MODEL or RESOLVER run
config	object		configuration object

Return:

code - generated code for a model

Return Properties:

Name	Type	Attribute	Description
inputSchema	object		schema of the type
userType	string		the user type
defaultTemplate	string		name of the start template
basePath	array		path to the base templates directory
baseExtension	string		file extension '.template'
baseEncoding	string		base file encoding 'utf8'
baseCommonDir	string		commonly used template partials
baseDefaultDir	string		default directory for templates
baseGetNameFunc	function		calculate the name of a partial
authPath	array		path to the authorization templates directory
authExtension	string		auth file encoding 'utf8'
authEncoding	string		auth file encoding
authCommonDir	string		commonly used auth template partials
authDefaultDir	string		default directory for auth templates
authGetNameFunc	function		calculate tne name of a partial

public getContext(inputSchema: Object, User: string, codeType: string): Object source

import {getContext} from 'create-graphql-server-authorization/src/generator/getContext.js'

gets context for later template compilation reads schema and determines data context for code replacements

Params:

Name	Type	Attribute	Description
inputSchema	Object		schema of the type
User	string		name of the user model for User model context
codeType	string		to distinguish MODEL/RESOLVER runs

Return:

templateContext - data context for template compilation

Return Properties:

Name	Type	Attribute	Description
authorize	boolean		if authorization logic is there
isUserType-	boolean		if it is the User type
typeName	string		name of the type with starting lower case
TypeName	string		name of the type with starting upper case
User	string		name of the user model
userRoles	Object		authorizations matrix for userRole
docRoles	Object		authorization matrix for docRole
firstUserRole	string		the role for protectFields
roleField	string		field name where the userRole is stored
singularFields	array		fields array
paginatedFields	array		fields array
schema	object		schema definition

public getPartials(configPartial: Object): array source

import {getPartials} from 'create-graphql-server-authorization/src/generator/getPartials.js'

reads all available partials of a template directory

Params:

Name	Type	Attribute	Description
configPartial	Object		configuration object

Return:

array

partials - repository with all partials

Return Properties:

Name	Type	Attribute	Description
basePath	array		base directory to start reading
directoryPath	array		partials directory name parts
extension	array		extension name for template files '.template'
encoding	array		encoding of template files 'utf8'
getNameFunc	Function		optional, otherwise getDefaultName function is used

Example:

 partials = [
   {
     "name": "hello",
     "path": "templates/default/hello.template",
     "source": "console.log('Hello World')"
   }
 ]

public idArgument(): * source

import {idArgument} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Return:

public isAuthorizeDirectiveDefined(inputSchema: object): boolean source

import {isAuthorizeDirectiveDefined} from 'create-graphql-server-authorization/src/generator/authorize/isAuthorizeDirectiveDefined.js'

checks, if there is authorization logic defined true, if there is an @authorize directive in the header in the type's inputSchema if there is an @authorize directive => true if thers is no @authorize directive => false

Params:

Name	Type	Attribute	Description
inputSchema	object		schema for the type

Return:

authorized - true, if authorization logic defined

public isRoleField(roleName: string, fieldDirectives: any): boolean source

import {isRoleField} from 'create-graphql-server-authorization/src/generator/authorize/isRoleField.js'

Params:

Name	Type	Attribute	Description
roleName	string
fieldDirectives	any

Return:

public isScalarField(field: ): source

import {isScalarField} from 'create-graphql-server-authorization/src/generator/util/graphql.js'

Params:

Name	Type	Attribute	Description
field	*

Return:

public lcFirst(str: string): string source

import {lcFirst} from 'create-graphql-server-authorization/src/generator/util/capitalization.js'

changes a given string on the first character to lower case

Params:

Name	Type	Attribute	Description
str	string		string

Return:

str - changed string

public loggedIn(me: object): boolean source

import {loggedIn} from 'create-graphql-server-authorization/src/lib/loggedIn.js'

Checks, if an user is logged in

Params:

Name	Type	Attribute	Description
me	object		current user

Return:

loggedIn - true, if user is logged in

public onAuthRegisterLoader(resolver: string, mode: string, me: object, that: object): Object source

import {onAuthRegisterLoader} from 'create-graphql-server-authorization/src/lib/onAuthRegisterLoader.js'

similiar to authLog, registers dataloader on successfull authorization and doesn't throw exception in error case

Params:

Name	Type	Attribute	Description
resolver	string		log name of a resolver
mode	string		crud operation name
me	object		current user
that	object		it is the 'this' context from a model's constructor

Return:

return - Object with two functions

Return Properties:

Name	Type	Attribute	Description
registerLoader	function		registers the dataloader in the model
debug	function		debug() function
error	function		error() function }

public protectFields(me: object, authorizedUserRoles: array, protectedFields: array, inputObject: object, User: object): object source

import {protectFields} from 'create-graphql-server-authorization/src/lib/protectFields.js'

Protects a field based on authorizations

Params:

Name	Type	Attribute	Description
me	object		current user
authorizedUserRoles	array		userRoles with authorization
protectedFields	array		list of fields only for these userRoles
inputObject	object		document with might contain those fields
User	object		model context for type User

Return:

result - document with or without the protected fields

public queryForRoles(me: object, userRoles: array, docRoles: array, User: object, logger: object): object source

import {queryForRoles} from 'create-graphql-server-authorization/src/lib/queryForRoles.js'

Prepare a query object for mongodb operations with authorization queries creates an authQuery object with additional query arguments, to implement authorization restrictions for mongodb access

Params:

Name	Type	Attribute	Description
me	object		current user
userRoles	array		list of userRoles
docRoles	array		list of docRoles
User	object		model context for type User
logger	object		logger function

Return:

authQuery - authQuery for data operations

Example:

  const authQuery = 
    queryForRoles(me, userRoles, docRoles, { User }, authlog(resolver, mode, me ) );

public ucFirst(str: string): string source

import {ucFirst} from 'create-graphql-server-authorization/src/generator/util/capitalization.js'

changes a given string on the first character to upper case

Params:

Name	Type	Attribute	Description
str	string		string

Return:

str - changed string

public userRoleAuthorized(me: object, userRoles: array, User: object, logger: object): boolean source

import {userRoleAuthorized} from 'create-graphql-server-authorization/src/lib/userRoleAuthorized.js'

Is a user's role authorized for a document You can use also the role 'world', to authorize everyone

Params:

Name	Type	Attribute	Description
me	object		current user
userRoles	array		list of userRoles
User	object		model context for type User
logger	object		logger function

Return:

authorized - true, if userRole is authorized

Static Private

private extractRoles(allRolesArguments: object, inputSchema: object): array source

import {extractRoles} from 'create-graphql-server-authorization/src/generator/authorize/extractRoles.js'

extract the roles from the @authorize directive by reading the input schema's abstract syntax tree to get the roles and their authorized modes

Params:

Name	Type	Attribute	Description
allRolesArguments	object		AST with role definitions
inputSchema	object		the schema of the type

Return:

array

allRoles - returns the defined roles

Example:

         @authorize(
           admin: ["create", "read", "update", "delete"]
           this: ["read", "update", "delete"]
         )

it creates the following array (example):

allRoles = [
      {
          name: 'admin',
          type: 'userRole' || 'docRole'
          modes: {
           create: 'admin',
           readOne: 'admin',
           readMany: 'admin',
           update: 'admin',,
           delete: 'admin',
       }
]

private getFieldType(field: object): type source

import {getFieldType} from 'create-graphql-server-authorization/src/generator/authorize/getFieldType.js'

get the field's type

Params:

Name	Type	Attribute	Description
field	object		AST with field definitions

Return:

type	fieldType - returns the type of the field

Example:

'role: String'

'role: String!'

'coauthors: [User]'

'coauthors: [User]!'

'coauthors: [User!]'

'coauthors: [User!]!'

private getName(directoryPath: array, filename: string, extension: string): string source

import {getName} from 'create-graphql-server-authorization/src/generator/getName.js'

get the name of the partial template according to default naming convention defines the name of the partial template in its directory structure prepare name prefix: take just partial name on root template directory on deeper directory structures, prefix directory name to partial name

Params:

Name	Type	Attribute	Description
directoryPath	array		partials directory name parts
filename	string		file name of the partial template
extension	string		file extension

Return:

name - name of the partial

Example:

name = hello               {base}/hello.template
name = auth_hello          {base}/auth/hello.template
name = auth_special_hello  {base}/auth/special/hello.template

private getRoleType(name: string, inputSchema: object): Object source

import {getRoleType} from 'create-graphql-server-authorization/src/generator/authorize/getRoleType.js'

decide, if the given role is whether a 'userRole' or a 'docRole'

Procedure:

Determine, if this field is used as a roleField
Check, if this roleField... a) is of type: String or [String] ==> userRole b) is of type: User or [User] ==> docRole c) roleName = 'this' ==> docRole
If there is no roleField in this type it must be a userRole

For 1. is a roleField: read the type's abstract syntax tree loop over all provided fields, check, if the field has a directive '@authRole' and if this authRole is 'for' the provided 'roleName' or the roleName is the special case 'this' ==> then it is a roleField

For 2. get it's fieldType: read the type's abstract syntax tree for the roleField and read it's type

a) if it is a String or List of Strings, then the roleType = 'userRole'

b) if it is a User or List of Users (userIds), then the roleType = 'docType'

c) special case: roleName = 'this' (it doesn't look for an authRole for 'this') it means the document's id field is used for this meaning the role defines the authorizations, a User has upon his own User document

For 3. none of the above applies so the role must be a userRole

Params:

Name	Type	Attribute	Description
name	string		name of the role
inputSchema	object		the schema of the type

Return:

role - role definitions

Return Properties:

Name	Type	Attribute	Description
roleType	string		type of the role 'userRole', 'docRole'
roleName	string		name of the role
roleFieldName	string		field name for the userRole

private getRoles(authorize: boolean, inputSchema: object): Object source

import {getRoles} from 'create-graphql-server-authorization/src/generator/authorize/getRoles.js'

get userRoles and docRoles

Params:

Name	Type	Attribute	Description
authorize	boolean		flag for authorization logic
inputSchema	object		type's schema

Return:

Return Properties:

Name	Type	Attribute	Description
userRoles	object		userRoles object with modes
docRoles	object		docRoles object with modes
roleFieldName	string		field containing the roles }

private lcFirst(str: string): string source

import {lcFirst} from 'create-graphql-server-authorization/src/utilities.js'

converts first character of string to lower case

Params:

Name	Type	Attribute	Description
str	string		string

Return:

converted_string - first character is lower case

private parseCode(source: string): Object source

import {parseCode} from 'create-graphql-server-authorization/src/utilities.js'

parses a Code into an abstract syntax tree (AST)

Params:

Name	Type	Attribute	Description
source	string		source code

Return:

AST - abstract syntax tree converted source code

private prep(role: array): string source

import {prep} from 'create-graphql-server-authorization/src/utilities.js'

prepare roles for code generator convert array to String value replace " by '

Params:

Name	Type	Attribute	Description
role	array		name of role

Return:

roleString - role string

private ucFirst(str: string): string source

import {ucFirst} from 'create-graphql-server-authorization/src/utilities.js'

converts first character of string to upper case

Params:

Name	Type	Attribute	Description
str	string		string

Return: