Module: GraphQL::Schema::Member::HasArguments::ArgumentObjectLoader Private

Included in:
InputObject
Defined in:
lib/graphql/schema/member/has_arguments.rb

This module is part of a private API. You should avoid using this module if possible, as it may be removed or be changed in the future.

Instance Method Summary collapse

Instance Method Details

#authorize_application_object(argument, id, context, loaded_application_object) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
# File 'lib/graphql/schema/member/has_arguments.rb', line 318

def authorize_application_object(argument, id, context, loaded_application_object)
  context.schema.after_lazy(loaded_application_object) do |application_object|
    if application_object.nil?
      err = GraphQL::LoadApplicationObjectFailedError.new(argument: argument, id: id, object: application_object)
      load_application_object_failed(err)
    end
    # Double-check that the located object is actually of this type
    # (Don't want to allow arbitrary access to objects this way)
    resolved_application_object_type = context.schema.resolve_type(argument.loads, application_object, context)
    context.schema.after_lazy(resolved_application_object_type) do |application_object_type|
      possible_object_types = context.warden.possible_types(argument.loads)
      if !possible_object_types.include?(application_object_type)
        err = GraphQL::LoadApplicationObjectFailedError.new(argument: argument, id: id, object: application_object)
        load_application_object_failed(err)
      else
        # This object was loaded successfully
        # and resolved to the right type,
        # now apply the `.authorized?` class method if there is one
        context.schema.after_lazy(application_object_type.authorized?(application_object, context)) do |authed|
          if authed
            application_object
          else
            err = GraphQL::UnauthorizedError.new(
              object: application_object,
              type: application_object_type,
              context: context,
            )
            if self.respond_to?(:unauthorized_object)
              err.set_backtrace(caller)
              unauthorized_object(err)
            else
              raise err
            end
          end
        end
      end
    end
  end
end

#load_and_authorize_application_object(argument, id, context) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



313
314
315
316
# File 'lib/graphql/schema/member/has_arguments.rb', line 313

def load_and_authorize_application_object(argument, id, context)
  loaded_application_object = load_application_object(argument, id, context)
  authorize_application_object(argument, id, context, loaded_application_object)
end

#load_application_object(argument, id, context) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



305
306
307
308
309
310
311
# File 'lib/graphql/schema/member/has_arguments.rb', line 305

def load_application_object(argument, id, context)
  # See if any object can be found for this ID
  if id.nil?
    return nil
  end
  object_from_id(argument.loads, id, context)
end

#load_application_object_failed(err) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.



358
359
360
# File 'lib/graphql/schema/member/has_arguments.rb', line 358

def load_application_object_failed(err)
  raise err
end

#object_from_id(type, id, context) ⇒ Object

This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.

Look up the corresponding object for a provided ID. By default, it uses Relay-style GraphQL::Schema.object_from_id, override this to find objects another way.

Parameters:

  • type (Class, Module)

    A GraphQL type definition

  • id (String)

    A client-provided to look up

  • context (GraphQL::Query::Context)

    the current context



301
302
303
# File 'lib/graphql/schema/member/has_arguments.rb', line 301

def object_from_id(type, id, context)
  context.schema.object_from_id(id, context)
end