search

hayes / pothos

Pothos GraphQL is library for creating GraphQL schemas in typescript using a strongly typed code first approach
https://pothos-graphql.dev
ISC License
2.28k stars 153 forks source link

Authz Plugin overwrites the directives plugin #1180

Closed olliebatch closed 3 months ago

olliebatch commented 3 months ago

const builder = new SchemaBuilder<{ Context: Context; AuthZRule: keyof typeof rules; }>({ plugins: [ AuthZPlugin, DirectivePlugin, FederationPlugin, ],

We use the Directive + Federation + AuthZPlugin.

We have noticed on schema generation that the order of these plugins is important and i believe it shouldn't be. What i mean by this is when i generate a query field with Authz + Directives it removes the directive if Authz is supplied.

builder.queryField("submission", (t) => t.field({ type: XXType, authz: { compositeRules: [{ or: ["IsSubmissionOwner", "IsResaleAdmin"] }], }, tag: ["thirdParty"], nullable: true, args: { id: t.arg.id({ required: true, description: "ID of the Submission" }), }, resolve: (_parent, args) => return x() }) );

I would expect this to render 

"""Query for a Submission"""
  submission(
    """ID of the Submission"""
    id: ID!
  ):  XXType @tag(name: "thirdParty")

However it renders without the tag.

When i move the Authzplugin to the bottom of the plugins, the @tag appears again

hayes commented 3 months ago

can you check that this happens on the latest version of the authz plugin? Looking at the git history, there was a fix for this issue about 5 months ago, and I don't see anything obvious that would cause this in the current version. If it's still happening there might be a more complicated interaction happening

here's the relevant change: https://github.com/hayes/pothos/commit/410976ffc5cfdff24b7be9122783cfe9a41a802c

olliebatch commented 3 months ago

can you check that this happens on the latest version of the authz plugin? Looking at the git history, there was a fix for this issue about 5 months ago, and I don't see anything obvious that would cause this in the current version. If it's still happening there might be a more complicated interaction happening

here's the relevant change: 410976f

Thanks @hayes - sorry i didn't add the versions that we are using - see below. I believe this is the current version.

Looking on reflection it seems to be happening when the Authz is before the federation plugin not the directive plugin. The directive one can come after and still generate the types. 


    "@pothos/core": "^3.41.0",
    "@pothos/plugin-authz": "^3.5.8",
    "@pothos/plugin-dataloader": "^3.18.1",
    "@pothos/plugin-directives": "^3.10.2",
    "@pothos/plugin-federation": "^3.15.0",
    "@pothos/plugin-relay": "^3.46.0",
    "@pothos/plugin-validation": "^3.10.1",
olliebatch commented 3 months ago

can you check that this happens on the latest version of the authz plugin? Looking at the git history, there was a fix for this issue about 5 months ago, and I don't see anything obvious that would cause this in the current version. If it's still happening there might be a more complicated interaction happening

here's the relevant change: 410976f

Just to check -> the last published version on npm was a year ago - so i'm not sure that fix has been released

hayes commented 3 months ago

weird, looks like you're correct this was never published. Just published the fixed version. Thanks for the report, and sorry for any confusion