Nesting and/or with @auth directive

forstmeier · May 22, 2020, 8:45pm

Hi!

I’ve started playing around with the brand new @auth/@custom directives and I had a question about the former. What is the best way to “nest” the “and”/“or” logic? For example on the add Dgrahp-genearted operation:

type Donor @auth(
	add: { and: [
		{ rule: "{ $isAuthenticated: { eq: \"true\" } }" },
		{ or: [
			{ rule: "{$role: { eq: \"USER_ADMIN\" } }"},
			{ rule: "{$role: { eq: \"USER_INTERNAL\" } }"},
			{ rule: "{$role: { eq: \"USER_LAB\" } }"},
		]},
    ]}
) {
        id: ID!
        ...
}

Would this work to make sure that the user is authenticated (isAuthenticated) and one of the $role values?

Additionally, what’s the best source binary to be using in order to have these new custom directives available? Which should I be downloading? Since the version in curl https://get.dgraph.io -sSf does not have those directives.

Best,
John

abhimanyusinghgaur · May 22, 2020, 9:03pm

Hi @forstmeier,

Yep! it will work the way you explained it. By the way, you forgot to close the add and and with ]}.

These features are not yet released. They will be part of stable release in July and a beta release before that. But the exact dates are not announced yet.

If you want to try them out on your own, you can clone dgraph repo from GitHub and use the master branch to build the binary by yourself.
We also have an upcoming managed GraphQL as a service platform hosted at http://app.thegaas.com/ where you can try these features. But the dgraph image used by the service is not expected to be stable until the official release of the features.

forstmeier · May 30, 2020, 2:42pm

@abhimanyusinghgaur Thanks for the earlier response!

Any idea on when the @auth directive will have full support for interfaces/implementations? I skimmed through the open PRs but didn’t see anything immediately addressing this support.

michaelcompton · June 1, 2020, 1:18am

Hi,

Interfaces don’t have any proper auth support yet. In fact, it’ll try to not let you do much in that area at the moment.

It’s all beta at the moment, but Auth will be released in 20.07.0 sometime in July, so expect to see the final bits to land throughout June.