Open ErangaHeshan opened 1 year ago
I'm experiencing the same problem. I have registered GraphQLModule.forRootAsync
and I also have simple controller with single /health
GET request.
My guard is simple, just logging on canActivate
. I set it as global guard with: app.useGlobalGuards(new TestGuard());
GraphQL routes simply ignore the guard meanwhile /health
request prints logs.
"@nestjs/apollo": "^12.0.11", "@neo4j/graphql": "^4.4.5", "@apollo/server": "^4.9.4", "@nestjs/core": "^10.3.1", "@nestjs/graphql": "^12.0.9",
Is there an existing issue for this?
Current behavior
I have a user role guard that needs to access a TypeORM repository inside. I set it inside my AppModule as a global guard. However, I see that when a GraphQL request comes, it does not go through the guard but simply hits my GraphQL query. Any idea what is going wrong here?
AppModule
UserRightGuard
UserDetailsResolver
Minimum reproduction code
https://github.com/ErangaHeshan/nests-issues-trigger-global-guard#2-a-user-without-proper-access
Steps to reproduce
No response
Expected behavior
I would expect the GraphQL queries annotated using
@RequireRights(['subscription'])
to invoke the guard and check if the user who made the request has appropriateright
value in theiruser_details
table. If the user does not have properright
, the query should returnFORBIDDEN
error inside its response body.Package version
12.0.8
Graphql version
graphql
: 16.8.1@apollo/server
: 4.9.4@nestjs/platform-express
: 10.0.0@nestjs/typeorm
: 10.0.0NestJS version
10.0.0
Node.js version
16.13.2
In which operating systems have you tested?
Other
I discussed the issue with one of the NestJS core team member and here is our discussion on Discord