@abimongo/core / enforceRBAC
Function: enforceRBAC()
`enforceRBAC(resolver, permission): (parent, args, context, info) => Promise<any>`
Defined in: core/src/middleware/rbac/rbacMiddleware.ts:216
Middleware to enforce RBAC (Role-Based Access Control) on GraphQL resolvers
Parameters
resolver
Function
The original resolver function
permission
The required permission for the action
Returns
A wrapped resolver function that checks permissions
`(parent, args, context, info): Promise<any>`
Parameters
parent
any
args
any
context
any
info
any
Returns
Promise<any>
Throws
If the user does not have the required permission
Example
```ts
// Wrap a resolver with RBAC enforcement
const securedResolver = enforceRBAC(originalResolver, 'createUser');

// Use the secured resolver in your GraphQL schema
const resolvers = {
  Mutation: {
    createUser: securedResolver,
  },
};
```
In this example, the `enforceRBAC` function wraps the `originalResolver` and checks if the user has the 'createUser' permission before allowing access to the resolver. If the user lacks the required permission, an error is thrown, preventing unauthorized access.
This middleware is essential for implementing fine-grained access control in GraphQL APIs, ensuring that only authorized users can perform specific actions based on their roles and permissions.
Remarks
This function is designed to be used in GraphQL resolvers to enforce role-based access control (RBAC). It checks if the user has the necessary permissions before allowing access to the resolver function. If the user lacks the required permission, an error is thrown, preventing unauthorized access.
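The behaviour described above (check the permission, throw before the original resolver runs), as an added TypeScript sketch that is not the @abimongo/core implementation. The names `guard`, `hasPermission`, `ROLE_PERMISSIONS`, `GUARDED` and `unguardedMutations`, and the `context.user.roles` shape, are assumptions made for illustration; the sketch goes slightly beyond the page by adding a review helper that lists Mutation fields registered without the wrapper.

```typescript
// Added sketch: a local stand-in for the wrapper pattern, NOT @abimongo/core source.
// Assumptions: context.user.roles carries role names; ROLE_PERMISSIONS is a constructed map.
type Resolver = (parent: any, args: any, context: any, info: any) => any;
type ResolverMap = Record<string, Record<string, Resolver>>;

const ROLE_PERMISSIONS: Record<string, string[]> = {
  admin: ['createUser', 'deleteUser'],
  viewer: [],
};

// Marker so an audit can tell guarded resolvers from bare ones (hypothetical).
const GUARDED = Symbol('rbacGuarded');

// Deny by default: missing user, missing roles or unknown role all yield false.
function hasPermission(context: any, permission: string): boolean {
  const roles: unknown = context?.user?.roles;
  if (!Array.isArray(roles)) return false;
  return roles.some((r) => (ROLE_PERMISSIONS[String(r)] ?? []).includes(permission));
}

// Same call shape as on the page: guard(resolver, permission) returns a resolver.
function guard(resolver: Resolver, permission: string): Resolver {
  const wrapped: Resolver = async (parent, args, context, info) => {
    if (!hasPermission(context, permission)) {
      // Throw before the original resolver runs, so no side effect happens.
      throw new Error(`Forbidden: missing permission "${permission}"`);
    }
    return resolver(parent, args, context, info);
  };
  return Object.assign(wrapped, { [GUARDED]: permission });
}

// Schema review helper: list Mutation fields that were registered without guard().
function unguardedMutations(resolvers: ResolverMap): string[] {
  return Object.entries(resolvers.Mutation ?? {})
    .filter(([, fn]) => !(GUARDED in fn))
    .map(([name]) => name);
}

// Constructed sample schema: deleteUser was left unwrapped on purpose.
let calls = 0;
const createUser: Resolver = async (_p, args) => { calls += 1; return { name: args.name }; };
const sampleResolvers: ResolverMap = {
  Mutation: {
    createUser: guard(createUser, 'createUser'),
    deleteUser: async () => true,
  },
};
```

Running `unguardedMutations` over the resolver map in a unit test or CI step catches a mutation that was added to the schema without a permission check.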
See
- checkPermission for checking user permissions
- Role and Permission for role and permission types
- rolePermissions for the mapping of roles to permissions
- getCachedData and setCachedData for caching permissions