I have this @auth rule:
type User @auth(
query: { or: [
{ rule: """
query($USERNAME: String!, $EMAIL: String!) {
queryUser(filter: {
username: {
eq: $USERNAME
},
or: {
email: {
eq: $EMAIL
}
}
}) {
username
}
}
"""
}
{ rule: "{$ROLE: { eq: \"ADMIN\" } }" }
]
}) {
id: ID!
email: String! @id
username: String! @id
firstName: String
lastName: String
}
What I expected was that I could supply a JWT with either a USERNAME or an EMAIL var, but what I find is that if one is missing the rule fails.
It would be great if Dgraph didn’t automatically fail a rule when one of these JWT vars was missing, but instead failed branches within the filter logic based on the required variable being missing or not.
EDIT: Obviously I can do this, but it’s a lot less concise.
type User @auth(
query: { or: [
{ rule: """
query($EMAIL: String!) {
queryUser(filter: {
email: {
eq: $EMAIL
}
}) {
id
}
}
"""
}
{ rule: """
query($USERNAME: String!) {
queryUser(filter: {
username: {
eq: $USERNAME
}
}) {
id
}
}
"""
}
{ rule: "{$ROLE: { eq: \"ADMIN\" } }" }
]
}) {
id: ID!
email: String! @id
username: String! @id
firstName: String
lastName: String
stripeCustomerId: String
}