Auth directive rule compare against Boolean

having a valid JWT with the following data:

{ "IS_ALLOWED_ACCESS": true }

How can I compare this in auth rules?

I have tried:

{ rule: "{$IS_ALLOWED_ACCESS: true}"}
{ rule: "{$IS_ALLOWED_ACCESS: { eq: true }}"}
{ rule: "{$IS_ALLOWED_ACCESS: { eq: \"true\" }}"}

The last one validates but it doesn’t seem to equate out to satisfy the rule.

In the docs it is done like:

Ensuring that requests are from an authenticated JWT, and no further restrictions, can be done by arranging the JWT to contain a value like “isAuthenticated”: “true”. For example,

type User @auth(
    query: { rule:  "{$isAuthenticated: { eq: \"true\" } }" },
) {
    username: String! @id
    todos: [Todo]
}

But that is comparing a string with the value of true. A boolean is a valid JSON value: https://stackoverflow.com/a/39352374/1707323

Currently, we don’t support boolean variables in RBAC. The values have to be passed as a string. But we have plans to improve the RBAC rules like having other comparison operators, support multiple data types like int, bool, and support for anyofterms, allofterms, etc.

1 Like

Hi @arijit - is string exact match/strict equality the only operation that is supported in @auth rules at the moment? Do we have support for regex matching or even substring match?

If not when will this land in production?

This is a big blocker for us currently

@vinniefg
Apologies for the delayed response. We don’t have support for these right now. Are both of these important to you or is one of these more important that we could release first? These won’t be part of the 20.11 release but we can support it for the next release after that.

1 Like