Auth directive rule compare against Boolean

having a valid JWT with the following data:


How can I compare this in auth rules?

I have tried:

{ rule: "{$IS_ALLOWED_ACCESS: true}"}
{ rule: "{$IS_ALLOWED_ACCESS: { eq: true }}"}
{ rule: "{$IS_ALLOWED_ACCESS: { eq: \"true\" }}"}

The last one validates but it doesn’t seem to equate out to satisfy the rule.

In the docs it is done like:

Ensuring that requests are from an authenticated JWT, and no further restrictions, can be done by arranging the JWT to contain a value like “isAuthenticated”: “true”. For example,

type User @auth(
    query: { rule:  "{$isAuthenticated: { eq: \"true\" } }" },
) {
    username: String! @id
    todos: [Todo]

But that is comparing a string with the value of true. A boolean is a valid JSON value:

Currently, we don’t support boolean variables in RBAC. The values have to be passed as a string. But we have plans to improve the RBAC rules like having other comparison operators, support multiple data types like int, bool, and support for anyofterms, allofterms, etc.

1 Like

Hi @arijit - is string exact match/strict equality the only operation that is supported in @auth rules at the moment? Do we have support for regex matching or even substring match?

If not when will this land in production?

This is a big blocker for us currently