Add ability to set filters per operation / action

2019-10-06 16:28:10 -04:00
parent 450d77ccbd
commit 9299855d8a
17 changed files with 446 additions and 225 deletions
--- a/config/allow.list
+++ b/config/allow.list
@ -5,7 +5,7 @@ variables {
 		"name": "Wu-Tang",
 		"description": "No description needed"
 	},
-  "product_id": 1
+	"product_id": 1
 }

 mutation {
@ -16,6 +16,111 @@ mutation {
  }
 }

+variables {
+	"data": {
+		"product_id": 5
+	}
+}
+
+mutation {
+  products(id: $product_id, delete: true) {
+    id
+    name
+  }
+}
+
+variables {
+	"data": [
+		{
+			"name": "Gumbo1",
+			"created_at": "now",
+			"updated_at": "now"
+		},
+		{
+			"name": "Gumbo2",
+			"created_at": "now",
+			"updated_at": "now"
+		}
+	]
+}
+
+mutation {
+  products(id: 199, delete: true) {
+    id
+    name
+  }
+}
+
+variables {
+	"data": [
+		{
+			"name": "Gumbo1",
+			"created_at": "now",
+			"updated_at": "now"
+		},
+		{
+			"name": "Gumbo2",
+			"created_at": "now",
+			"updated_at": "now"
+		}
+	]
+}
+
+query {
+  products {
+    id
+    name
+  }
+}
+
+
+variables {
+	"update": {
+		"name": "Helloo",
+		"description": "World \u003c\u003e"
+	},
+	"user": 123
+}
+
+mutation {
+  products(id: 5, update: $update) {
+    id
+    name
+    description
+  }
+}
+
+variables {
+	"data": [
+		{
+			"name": "Gumbo1",
+			"created_at": "now",
+			"updated_at": "now"
+		},
+		{
+			"name": "Gumbo2",
+			"created_at": "now",
+			"updated_at": "now"
+		}
+	]
+}
+
+query {
+  product {
+    id
+    name
+  }
+}
+
+
+query {
+  me {
+    id
+    email
+    full_name
+  }
+}
+
 variables {
 	"data": {
 		"email": "gfk@myspace.com",
@ -31,19 +136,6 @@ mutation {
  }
 }

-variables {
-	"data": {
-		"product_id": 5
-	}
-}
-
-mutation {
-  products(id: $product_id, delete: true) {
-    id
-    name
-  }
-}
-
 query {
  users {
    id
@ -79,26 +171,3 @@ mutation {
  }
 }

-query {
-  me {
-    id
-    email
-    full_name
-  }
-}
-
-variables {
-	"update": {
-		"name": "Helloo",
-		"description": "World \u003c\u003e"
-	},
-	"user": 123
-}
-
-mutation {
-  products(id: 5, update: $update) {
-    id
-    name
-    description
-  }
-}
--- a/config/dev.yml
+++ b/config/dev.yml
@ -111,42 +111,45 @@ database:
      - encrypted
      - token

-  tables:
-    - name: users
-      # This filter will overwrite defaults.filter
-      # filter: ["{ id: { eq: $user_id } }"]
+tables:
+  - name: users
+    # This filter will overwrite defaults.filter
+    # filter: ["{ id: { eq: $user_id } }"]
+    # filter_query: ["{ id: { eq: $user_id } }"]
+    filter_update: ["{ id: { eq: $user_id } }"]
+    filter_delete: ["{ id: { eq: $user_id } }"]

-    # - name: products
-    #   # Multiple filters are AND'd together
-    #   filter: [
-    #     "{ price: { gt: 0 } }",
-    #     "{ price: { lt: 8 } }"
-    #   ]
+  # - name: products
+  #   # Multiple filters are AND'd together
+  #   filter: [
+  #     "{ price: { gt: 0 } }",
+  #     "{ price: { lt: 8 } }"
+  #   ]

-    - name: customers
-      # No filter is used for this field not
-      # even defaults.filter
-      filter: none
+  - name: customers
+    # No filter is used for this field not
+    # even defaults.filter
+    filter: none

-      remotes:
-        - name: payments
-          id: stripe_id
-          url: http://rails_app:3000/stripe/$id
-          path: data
-          # debug: true
-          pass_headers: 
-            - cookie
-          set_headers:
-            - name: Host
-              value: 0.0.0.0
-            # - name: Authorization
-            #   value: Bearer <stripe_api_key>
+    remotes:
+      - name: payments
+        id: stripe_id
+        url: http://rails_app:3000/stripe/$id
+        path: data
+        # debug: true
+        pass_headers: 
+          - cookie
+        set_headers:
+          - name: Host
+            value: 0.0.0.0
+          # - name: Authorization
+          #   value: Bearer <stripe_api_key>

-    - # You can create new fields that have a
-      # real db table backing them
-      name: me
-      table: users
-      filter: ["{ id: { eq: $user_id } }"]
+  - # You can create new fields that have a
+    # real db table backing them
+    name: me
+    table: users
+    filter: ["{ id: { eq: $user_id } }"]

-    # - name: posts
-    #   filter: ["{ account_id: { _eq: $account_id } }"]
+  # - name: posts
+  #   filter: ["{ account_id: { _eq: $account_id } }"]
--- a/config/prod.yml
+++ b/config/prod.yml
@ -105,40 +105,43 @@ database:
      - encrypted
      - token

-  tables:
-    - name: users
-      # This filter will overwrite defaults.filter
-      filter: ["{ id: { eq: $user_id } }"]
+tables:
+  - name: users
+    # This filter will overwrite defaults.filter
+    # filter: ["{ id: { eq: $user_id } }"]
+    # filter_query: ["{ id: { eq: $user_id } }"]
+    filter_update: ["{ id: { eq: $user_id } }"]
+    filter_delete: ["{ id: { eq: $user_id } }"]

-    - name: products
-      # Multiple filters are AND'd together
-      filter: [
-        "{ price: { gt: 0 } }",
-        "{ price: { lt: 8 } }"
-      ] 
+  - name: products
+    # Multiple filters are AND'd together
+    filter: [
+      "{ price: { gt: 0 } }",
+      "{ price: { lt: 8 } }"
+    ] 

-    - name: customers
-      # No filter is used for this field not 
-      # even defaults.filter
-      filter: none
+  - name: customers
+    # No filter is used for this field not 
+    # even defaults.filter
+    filter: none

-      # remotes:
-      #   - name: payments
-      #     id: stripe_id
-      #     url: http://rails_app:3000/stripe/$id
-      #     path: data
-      #     # pass_headers: 
-      #     #   - cookie
-      #     #   - host
-      #     set_headers:
-      #       - name: Authorization
-      #         value: Bearer <stripe_api_key>
+    # remotes:
+    #   - name: payments
+    #     id: stripe_id
+    #     url: http://rails_app:3000/stripe/$id
+    #     path: data
+    #     # pass_headers: 
+    #     #   - cookie
+    #     #   - host
+    #     set_headers:
+    #       - name: Authorization
+    #         value: Bearer <stripe_api_key>

-    - # You can create new fields that have a
-      # real db table backing them
-      name: me
-      table: users
-      filter: ["{ id: { eq: $user_id } }"]
+  - # You can create new fields that have a
+    # real db table backing them
+    name: me
+    table: users
+    filter: ["{ id: { eq: $user_id } }"]

-    # - name: posts
-    #   filter: ["{ account_id: { _eq: $account_id } }"]
+  # - name: posts
+  #   filter: ["{ account_id: { _eq: $account_id } }"]