Would be quite useful, IMO.
I would prefer to have an option to return some value in a restricted fields in case of a permission fail.
Possible solution:
A new permission base class
class QuietBasePermission(BasePermission):
default_value: Any = NoneAnd some changes in GraphQLCoreConverter to handle it:
async def _check_permissions_async(
source: Any, info: Info, kwargs: Dict[str, Any]
) -> Optional[QuietBasePermission]:
failed_perm = None
for permission_class in field.permission_classes:
permission = permission_class()
has_permission: bool
has_permission = await await_maybe(
permission.has_permission(source, info, **kwargs)
)
if not has_permission and not isinstance(permission, QuietBasePermission):
message = getattr(permission, "message", None)
raise PermissionError(message)
elif not has_permission:
failed_perm = permission
return failed_perm
....
async def _async_resolver(_source: Any, info: GraphQLResolveInfo, **kwargs):
strawberry_info = _strawberry_info_from_graphql(info)
perm_failed = await _check_permissions_async(_source, strawberry_info, kwargs)
if perm_failed:
return perm_failed.default_value
return await await_maybe(_get_result(_source, strawberry_info, **kwargs))It returns the last default value for a permission check fail if there are multiple, and raises a PermissionError if required by some other permission.
strawberry-graphqlΒ /Β strawberry
A GraphQL library for Python that leverages type annotations π
4.0k
How does funding with Polar work?
1
Pay now to fund the work behind this issue.
2
Get updates on progress being made.
3
Maintainer is rewarded once the issue is completed.
FAQ
Backer
You're funding impactful open source efforts
Contributor
You want to contribute to this effort
Maintainer
You want to get funding like this too