class Osso::GraphQL::Types::BaseObject

Public Class Methods

admin_authorized?(context) click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 14
def self.admin_authorized?(context)
  context[:scope] == 'admin'
end
authorized?(object, context) click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 28
def self.authorized?(object, context)
  # we first receive the payload object as a hash, but can depend on the
  # return type to hide the actual objects non-admins shouldn't see
  return true if object.instance_of?(Hash)

  internal_authorized?(context) || enterprise_authorized?(context, object&.domain)
end
enterprise_authorized?(context, domain) click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 22
def self.enterprise_authorized?(context, domain)
  return false unless domain

  context[:email].split('@')[1] == domain
end
internal_authorized?(context) click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 18
def self.internal_authorized?(context)
  %w[admin internal].include?(context[:scope])
end