pathom

:pathom: https://github.com/wilkerlucio/pathom/ & https://pathom3.wsscode.com & https://roamresearch.com/#/app/wsscode
tomjkidd 2020-06-10T18:51:30.219Z

Is there a preferred way to handle authorization concerns with resolvers?

wilkerlucio 2020-06-10T20:43:11.219500Z

nope, its open for you to decide, a common pattern is provide some auth-token on the environment so the resolvers can use it

tomjkidd 2020-06-10T20:55:43.219700Z

Alright, we have been using the environment to handle our concern, and had a false start by trying to incorporate some of the grant/role information as ::pc/input properties

tomjkidd 2020-06-10T20:56:11.220Z

And, thank you!

2020-06-10T20:56:59.220200Z

I was looking into a way to tag mutations/resolvers with auth needs, and came across the transform https://wilkerlucio.github.io/pathom/v2/pathom/2.2.0/connect/shared-resolvers.html#connect-transform helper. I think something like this shape would get there

(defn simple-tform
  [{::pc/keys [mutate resolve] :as env}]
  (log/info "ENV is: ") (pprint env)
  (if resolve
    (assoc env ::pc/resolve
               (fn [en params]
                 (log/info "IN simple tform resolve")
                 (resolve en params)))
    (assoc env ::pc/mutate
               (fn [en params]
                 (log/info "IN simple tform mutate")
                 (log/info "env is: ")
                 (pprint (keys en))
                 (mutate en params)))))

(pc/defresolver res1 [_ _]
  {::pc/output    [::test]
   ::pc/transform simple-tform
   ::my-ns/require-auth? true
   ::my-ns/auth-roles #{:admin}}
  (log/info "Hello")
  {::test "hello this is my name"})

tomjkidd 2020-06-10T21:01:32.220400Z

I like the extension to defresolver to incorporate expected roles here

tomjkidd 2020-06-10T21:01:48.220600Z

Thank you, will continue to learn about this