The sync server now has a hasRole directive. Basic usage is something This will allow the end user to define role based authorization on particular queries, mutations and fields. This example should show what that looks like this :
{code:java}
mutation {
listMemes: [Meme]!
createMeme(...args): Meme! hasRole(role: "admin")
}
{code}
In this example the user must have the admin role if they want to call the createMeme mutation. A skeleton implementation of hasRole has been implemented in the server already and we even know how to check that the user has the given role.
Take a look at the following code https://github.com/aerogear/data-sync-server/blob/master/server/lib/schemaDirectives/hasRole.js#L5-L18
There is a comment in there that shows what needs to be done next in order to
|
|
