Closed fernandoflorez closed 1 year ago
erikwrede
commented
2 years ago Can you specify what exactly you are trying to achieve? Maybe with a minimal working example? To me, this sounds like more of a graphql frontend/client issue than a server issue.
fernandoflorez
commented
2 years ago I would like to limit the access to specific data based on the type of user. An option would be to add the logic to the resolver but another option (which is what I'm using) was to create a custom model loader and add the logic and restrictions there.
erikwrede
commented
2 years ago Sorry for the late reply, I didn't see the notification.
Are you looking for some sort of authorization?
e.g.
User with role X can access the Case id and name
User with role Y can access the Case id
Or are you looking for some way to limit access based on the object itself, independent of the user/account/session accessing it?
In both cases, there is no native support for SQLAlchemy. In case of authorization you might be interested in something like https://www.osohq.com/post/graphql-authorization-graphene-sqlalchemy-oso In the other case, a custom resolver would probably be the best place to add those restrictions, to keep resolve logic and model logic separate.
erikwrede
commented
1 year ago Closing due to inactivity. Please open a new issue if this is still relevant, and provide the necessary information.
github-actions[bot]
commented
11 months ago This issue has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related topics referencing this issue.
Hello,
How would I modify a relationship query on runtime? I'd like to limit the dataset based on a context variable on runtime.
Any guides on where should I look?
Thanks