Where
Use the where argument on types to conceptually append predicates to the Cypher WHERE clause. Given the current user ID is "123" and the following schema:
type User {
id: ID
name: String
}
extend type User @auth(rules: [{ where: { id: "$jwt.id" } }])Then the user executes a GraphQL query for all users:
query {
users {
id
name
}
}Behind the scenes the user’s ID is conceptually added to the query:
query {
users(where: { id: "123" }){
id
name
}
}Where is used on the following operations;
-
READ -
UPDATE -
CONNECT -
DISCONNECT -
DELETE
Combining where with roles
The where argument can be combined with roles within auth rules to support rule based filtering of results.
Revising the early example schema, if you update the auth rules to instead provide two sets of rules for two different roles, you can specify that JWTs with the user role can only see their own User node, as before, but now, those with the admin role can see all users:
type User {
id: ID
name: String
}
extend type User @auth(rules: [
{
roles: ["user"]
where: { id: "$jwt.id" }
}
{
roles: ["admin"]
}
])For those with an admin role, there is a conceptual where: "*" rule which is applied, allowing admins to see all User nodes.
These rules can alternatively be expressed using an OR within the top parent of a single auth rule, for example:
type User {
id: ID
name: String
}
extend type User @auth(rules: [
{
OR: [
{
roles: ["user"]
where: { id: "$jwt.id" }
},
{
roles: ["admin"]
}
]
}
])Both ways of expressing the rules are valid, and will return the same results.
Was this page helpful?