Update README.md - Githubissues

exAspArk / graphql-guard

Simple authorization gem for GraphQL :lock:

MIT License

471 stars 36 forks source link

Update README.md #10

Closed ghost closed 6 years ago

ghost commented 6 years ago

type.introspection? ? ->(obj, args, ctx) { false } : RULES.dig(type, field)

coveralls commented 6 years ago

Coverage remained the same at 100.0% when pulling 5ac1521ce9231139cfac9ae4d15fe3fd5a8a5a12 on johnunclesam:patch-1 into cd1ca47f19d3388911f77360f5786846b2870666 on exAspArk:master.

exAspArk commented 6 years ago

The intention in the https://github.com/exAspArk/graphql-guard/pull/6 was the opposite. Not to prevent accessing introspection types but to "allow introspection queries to skip authorization".

Could you please change the example to something like:

if type.introspection?
  ->(obj, args, ctx) { true } # of "false" to restrict an access
else
  RULES.dig(type, field)
end

ghost commented 6 years ago

Sorry. You're right.

coveralls commented 6 years ago

Coverage remained the same at 100.0% when pulling a4ba20d64c67d3baffdea5cca79d63eb4810a00f on johnunclesam:patch-1 into cd1ca47f19d3388911f77360f5786846b2870666 on exAspArk:master.

exAspArk commented 6 years ago

@johnunclesam thank you for contributing! 🙌