search

Azure / data-api-builder

Data API builder provides modern REST and GraphQL endpoints to your Azure Databases and on-prem stores.
https://aka.ms/dab/docs
MIT License
933 stars 194 forks source link

[Enhancement] : Allow role level query depth limits #2256

Open sajeetharan opened 5 months ago

sajeetharan commented 5 months ago

With this feature https://github.com/Azure/data-api-builder/issues/1577 coming in place, we should also have a way to define this at role level.

"runtime": {

    "rest": {
      "enabled": false,
      "path": "/api",
      "request-body-strict": true
    },
    "graphql": {
      "enabled": true,
      "path": "/graphql",
      "allow-introspection": true
      "depth-limit": 1
    },

and the above configuration should also be applicable to specific role.

  "permissions": [
        {
          "role": "anonymous",
          "depth-limit": 2
          "actions": [
            {
              "action": "*"
            }
          ]
        }
      ]
JerryNixon commented 5 months ago

Also, we don't want to skip this:

dab update Books --permissions-depth-limit anonymous:2