Reindex shopping cart schema with permissions
// Shopping-cart schema: an array of type definitions. Each type lists its
// `fields` and a `permissions` array. Every permission entry names a
// `grantee` ('EVERYONE', 'AUTHENTICATED' or 'USER'), the operations it
// switches on (create / read / update / delete), and optionally:
//   - `userPath`: the field path from the object to the user(s) being granted,
//   - `permittedFields`: the fields the grant is narrowed to.
// NOTE(review): every entry here only sets flags to `true`, so the list reads
// as additive grants with default-deny for anything not listed — confirm
// against the schema engine's documentation.
[
  {
    name: 'Shop',
    kind: 'OBJECT',
    interfaces: ['Node'],
    fields: [
      { name: 'id', type: 'ID', nonNull: true, unique: true },
      { name: 'owner', type: 'User', reverseName: 'ownShops' },
      {
        name: 'staff',
        type: 'Connection',
        ofType: 'User',
        reverseName: 'staffShops',
      },
      {
        name: 'orders',
        type: 'Connection',
        ofType: 'Order',
        reverseName: 'shop',
      },
      {
        name: 'products',
        type: 'Connection',
        ofType: 'Product',
        reverseName: 'shop',
      },
    ],
    permissions: [
      // Public read: shops are visible without authentication.
      {
        grantee: 'EVERYONE',
        read: true,
      },
      // Full write access (create / update / delete) is reserved for the
      // user reached through `owner`.
      {
        grantee: 'USER',
        userPath: ['owner'],
        create: true,
        update: true,
        delete: true,
      },
      // Any signed-in user may attach orders to a shop. The grant is narrowed
      // to the `orders` field; keep `permittedFields` in place, since this is
      // the only thing separating this entry from a general update grant.
      {
        grantee: 'AUTHENTICATED',
        update: true,
        permittedFields: ['orders'],
      },
    ],
  },
  {
    name: 'User',
    kind: 'OBJECT',
    interfaces: ['Node'],
    fields: [
      { name: 'id', type: 'ID', nonNull: true, unique: true },
      {
        name: 'ownShops',
        type: 'Connection',
        ofType: 'Shop',
        reverseName: 'owner',
      },
      {
        name: 'staffShops',
        type: 'Connection',
        ofType: 'Shop',
        reverseName: 'staff',
      },
      {
        name: 'orders',
        type: 'Connection',
        ofType: 'Order',
        reverseName: 'customer',
      },
    ],
    permissions: [
      // Lets signed-in users add other users as staff of their shops.
      // NOTE(review): this entry alone allows any authenticated user to
      // update `staffShops` on any User; limiting it to the shop's owner
      // presumably relies on the owner-only update grant on Shop — confirm
      // the engine checks both ends of a connection.
      {
        grantee: 'AUTHENTICATED',
        update: true,
        permittedFields: ['staffShops'],
      },
      // Signed-in users can read other users' public information.
      // NOTE(review): there is no `permittedFields` here, so the grant is not
      // narrowed to particular fields. If private fields are ever added to
      // User, restrict this entry accordingly.
      {
        grantee: 'AUTHENTICATED',
        read: true,
      },
    ],
  },
  {
    name: 'Order',
    kind: 'OBJECT',
    interfaces: ['Node'],
    fields: [
      { name: 'id', type: 'ID', nonNull: true, unique: true },
      { name: 'status', type: 'String' },
      // NOTE(review): `customer` is declared as a Connection (to-many) while
      // the permission comments speak of a single customer; every user in
      // this connection receives the `['customer']` grants below — confirm
      // this is intended.
      {
        name: 'customer',
        type: 'Connection',
        ofType: 'User',
        reverseName: 'orders',
      },
      { name: 'shop', type: 'Shop', reverseName: 'orders' },
      {
        name: 'lineItems',
        type: 'Connection',
        ofType: 'LineItem',
        reverseName: 'order',
      },
    ],
    permissions: [
      // Owner of the order's shop: create, read and update (no delete).
      {
        grantee: 'USER',
        userPath: ['shop', 'owner'],
        create: true,
        read: true,
        update: true,
      },
      // Staff of the order's shop: read access to the order.
      {
        grantee: 'USER',
        userPath: ['shop', 'staff'],
        read: true,
      },
      // Staff of the order's shop: update limited to the `status` field.
      {
        grantee: 'USER',
        userPath: ['shop', 'staff'],
        update: true,
        permittedFields: ['status'],
      },
      // Customer: may create orders and read their own; no update grant.
      {
        grantee: 'USER',
        userPath: ['customer'],
        create: true,
        read: true,
      },
    ],
  },
  {
    name: 'LineItem',
    kind: 'OBJECT',
    interfaces: ['Node'],
    fields: [
      { name: 'id', type: 'ID', nonNull: true, unique: true },
      { name: 'order', type: 'Order', reverseName: 'lineItems' },
      { name: 'product', type: 'Product', reverseName: 'lineItems' },
      { name: 'quantity', type: 'Int' },
    ],
    permissions: [
      // Owner of the shop behind the order: create, read and update.
      {
        grantee: 'USER',
        userPath: ['order', 'shop', 'owner'],
        create: true,
        read: true,
        update: true,
      },
      // Staff of the shop behind the order: read only.
      {
        grantee: 'USER',
        userPath: ['order', 'shop', 'staff'],
        read: true,
      },
      // Customer of the order: create and read line items in their own
      // orders; `quantity` cannot be updated by the customer afterwards.
      {
        grantee: 'USER',
        userPath: ['order', 'customer'],
        create: true,
        read: true,
      },
    ],
  },
  {
    name: 'Product',
    kind: 'OBJECT',
    interfaces: ['Node'],
    fields: [
      { name: 'id', type: 'ID', nonNull: true, unique: true },
      { name: 'name', type: 'String' },
      { name: 'shop', type: 'Shop', reverseName: 'products' },
      {
        name: 'lineItems',
        type: 'Connection',
        ofType: 'LineItem',
        reverseName: 'product',
      },
    ],
    permissions: [
      // Public read: products are visible without authentication.
      {
        grantee: 'EVERYONE',
        read: true,
      },
      // Owner of the product's shop: create, update and delete.
      {
        grantee: 'USER',
        userPath: ['shop', 'owner'],
        create: true,
        update: true,
        delete: true,
      },
      // Any signed-in user may link a product to a line item. The grant is
      // narrowed to `lineItems`, so `name` and `shop` stay owner-only.
      {
        grantee: 'AUTHENTICATED',
        update: true,
        permittedFields: ['lineItems'],
      },
    ],
  },
]