This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help

Head's Up! These forums are read-only. All users and content have migrated. Please join us at community.neo4j.com.

Neo4j GraphQL Library how to use @auth with allow across relationship properties

DevDan
Node Link

‎10-03-2022 05:39 PM

I see in the documentation (https://neo4j.com/docs/graphql-manual/current/auth/authorization/allow/), you can use auth with allow across relationship.

However, I want to add read and edit properties on the relationship. 

For example:

type User {
  id: ID! @id(autogenerate: true)
  authId: String! @unique
  objects: [Object!]!
    @relationship(type: "ACCESS", direction: OUT, properties: "Access")
}

type Object {
  id: ID! @id(autogenerate: true)
  users: [User!]!
    @relationship(type: "ACCESS", direction: IN, properties: "Access")
}

interface Access @relationshipProperties {
  edit: Boolean!
}
 
How do I setup my auth rules on object so that read operations is allowed for [:ACCESS] and edit operations is allowed for [:ACCESS {edit: true}].
 
Given the current documentation, it seems I need to create two relationships [:EDIT] and [:READ] for things to work, but that will complicate all my queries when dealing with user's objects.
 
Reply
1 REPLY 1

Thomas_Puech
Node

‎12-03-2022 09:29 AM

Hey, I had a similar situation here: https://www.reddit.com/r/Neo4j/

What people responded on the discord:

- The where clause transcribes to a cypher "all" clause so if only some of the where conditions are matched in the different relationships, then it will not work.

- To access a relationship property there seems to be no way of doing this right now inside @auth so the best solution for this is to make a custom resolver and pass some custom cypher that checks for the relationship property in there.

Late but hope that helps 🙂

0 Kudos
Reply
Nodes 2022
Nodes
NODES 2022, Neo4j Online Education Summit

All the sessions of the conference are now available online

Watch replays