Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

How to handle pagination

See original GitHub issue

Question about GraphQL Shield

I’m using Prisma and the way I’m handling pagination is this one:

getBranchOffices(where: BranchOfficeWhereInput, orderBy: BranchOfficeOrderByInput, skip: Int, after: String, before: String, first: Int, last: Int): BranchOfficePayload

type BranchOfficePayload {
  branchOffices: [BranchOffice]!
  count: Int!
}

type BranchOffice {
  id: Int!
  name: String!
  ...
}

async function getBranchOffices(parent, args, context, info) {
    const branchOffices = await context.prisma.branchOffices(args);
    const count = await context.prisma
      .branchOfficesConnection({ where: args.where })
      .aggregate()
      .count()
    return {
      branchOffices,
      count,
    }
}

And this is how I handle permissions: There are branch offices that need to be shown to some users but be hidden for others. So what we do is create a permission for every branch e.g. BRANCH_1, BRANCH_2.

const canViewBranchOffice = rule({ cache: 'strict' })(async (parent, args, context, info) => {
  const branchId = parent.id
  const userPermissions = context.request.user;
  const hasPermission = userPermissions.find(({name}) => {
    return name.toLowerCase().includes(`branch_${branchId}`);
  })
  return !!hasPermission;
});

module.exports = {
  isAuthenticated,
  canViewBranchOffice
};

const permissions = shield(
  {
    Query: {
      '*': rules.isAuthenticated
    },
    Mutation: {
      '*': rules.isAuthenticated
    },
    BranchOffice: rules.canViewBranchOffice
  }
);

My main problem is that I don’t know how to update count with the total number of branch offices the user has access to.

Also, this is my first time trying to implement authorization, at least in the way I described above, so I’m not sure if it is the correct approach, so I’m open to sugestions

I have checked other questions and found none that matches mine.

Issue Analytics

State:
Created 4 years ago
Reactions:3
Comments:5

Top GitHub Comments

1reaction

maticzavcommented, Nov 30, 2019

Hey @HugoLiconV 👋,

Thank you for posting the question and for being so patient with my response. Have you by chance thought of introducing a new relationship that would determine who has access to which branches? This way you could filter branches before paginating them.

Do you think that could work?

0reactions

stale[bot]commented, Jan 14, 2020

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.

Top Results From Across the Web

Pagination Best Practices for Google | Documentation

Best practices when implementing pagination · Link pages sequentially · Use URLs correctly · Avoid indexing URLs with filters or alternative sort orders...

Everything You Need to Know About API Pagination

There are a few different ways to implement pagination in your APIs. We cover everything you need to know about API pagination.

4 Common Pagination Pitfalls – How to Get Into & Out of Them

If you have paginated content the proper way to handle it is by using the rel=prev, and rel=next tags to ensure that Google...

SEO Pagination Best Practices and Considerations - seoClarity

#1. Use Self-Referencing Canonical Tags for Each Page · #2. Use Crawlable Anchor Links · #3. Do Not Include Paginated Pages in Sitemaps...

Pagination in the REST API - Atlassian Developer

For that reason, we paginate the results to make sure responses are easier to handle. Let's say your initial call is asking for...