class Osso::GraphQL::Types::BaseObject
Public Class Methods
admin_authorized?(context)
click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 14 def self.admin_authorized?(context) context[:scope] == 'admin' end
authorized?(object, context)
click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 28 def self.authorized?(object, context) # we first receive the payload object as a hash, but can depend on the # return type to hide the actual objects non-admins shouldn't see return true if object.instance_of?(Hash) internal_authorized?(context) || enterprise_authorized?(context, object&.domain) end
enterprise_authorized?(context, domain)
click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 22 def self.enterprise_authorized?(context, domain) return false unless domain context[:email].split('@')[1] == domain end
internal_authorized?(context)
click to toggle source
# File lib/osso/graphql/types/base_object.rb, line 18 def self.internal_authorized?(context) %w[admin internal].include?(context[:scope]) end