Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
Parent is undefined
See original GitHub issueI’m following the examples for setting up with Prisma (using the Prisma graphql-authentication example) and everything is working great except when I try to use parent in a rule to establish user ownership.
const isOwner = rule()(async (parent, args, ctx, info) => {
// Here, ctx contains my proper user object but parent is always undefined
// without this permission, the yoga resolves the mutation just fine and the updated post is returned
return ctx.user.items.some(id => id === parent.id)
})
const permissions = shield({
Mutation: {
updatePost: or(isAdmin, and(isOwner, isEditor))
},
})
What I see is that the isOwner rule is being called before my updatePost resolver. Is this the intended behavior? Kinda makes sense not to hit the database if not authorized but then I have no chance to check the ownership of the post.
Does anyone know how parent is supposed to be populated? @maticzav explains nicely in https://github.com/prismagraphql/graphql-middleware/issues/19 that parent is the “result of the previous function. GraphQL works recursively by calling successive types determined by the schema. It starts off with undefined and continues execution down the chain forwarding the result of the previous resolver to the new one.” Ok. But my resolver is never called. What am I doing wrong?
Thanks so much!!
Issue Analytics
- State:
- Created 5 years ago
- Comments:8
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
Nevermind, I just read through all the source of shield and middlewares and I think I have a much better understanding now.
Hey @nolandg @kitze 👋,
Have you heard of
$existsmethod in Prisma? Its idea stems from a legacy Graphcool permission system where you could, using GraphQL queries, define permissions for your system.graphql-shieldis designed especially with that in mind. This way, it doesn’t seem like you are fetching the same data twice. Additionally, I believe it is worth mentioning thatprisma-binding, andprisma-clientI believe as well, both feature a minor implementation of caching. Furthermore,graphql-shieldalso prevents duplication of requests by caching the result of a rule depending on the cache option.