我需要发送来自石墨烯查询的响应。问题是响应应该只包含基于用户角色的特定字段
I need to send response from graphene query. The problem is the response should contain particular fields only based on role of the user
例如:
如果用户是群组成员,则响应将包含所有群组信息,包括群组成员,否则响应将仅包含群组成员数。
我正在使用 graphene-django 并且需要 return 来自查询模式的数据。
class GroupMutation(graphene.Mutation):
group = graphene.Field(GroupType)
class Arguments:
id = graphene.ID(required=False)
created_by = graphene.ID(required=False)
admins = graphene.ID(required=False)
moderators = graphene.ID(required=False)
users = graphene.List(graphene.ID)
name = graphene.String(required = True)
public = graphene.Boolean(required=False)
location = graphene.String(required=False)
reported = graphene.Boolean(required=False)
reported_by = graphene.List(graphene.ID)
profile_picture = Upload(required=False)
background_picture = Upload(required=False)
您的 GraphQL/Graphene schema 将需要包含这两个字段,因为架构不能根据用户有条件地更改,但您可以有条件地选择 根据用户应访问的内容填充响应中的那些字段。
例如:
import graphene
class GroupNode(graphene.ObjectType):
# Assume MemberNode is defined elsewhere
members = graphene.List(MemberNode)
members_count = graphene.Int()
def resolve_members(parent, info):
if info.context.user.username == 'allowed_user':
return Members.objects.all() # whatever logic you need
# Return nothing if the user is not allowed
return None
def resolve_members_count(parent, info):
if info.context.user.username == 'allowed_user':
# We don't need to return this, since the user can access `members` directly
return None
return Members.objects.count()
请注意,这两个字段都必须可以为空(即您不能传递 required=True),以便您可以选择在 resolve_ 方法中省略它们。 (或者,如果更方便的话,您可以选择使用 required=True 和 return [] 而不是 return None 使 members 非空。)
还有一些其他类型的 authorization examples Graphene-Django docs,以防这些有帮助。
例如: 如果用户是群组成员,则响应将包含所有群组信息,包括群组成员,否则响应将仅包含群组成员数。 我正在使用 graphene-django 并且需要 return 来自查询模式的数据。
class GroupMutation(graphene.Mutation):
group = graphene.Field(GroupType)
class Arguments:
id = graphene.ID(required=False)
created_by = graphene.ID(required=False)
admins = graphene.ID(required=False)
moderators = graphene.ID(required=False)
users = graphene.List(graphene.ID)
name = graphene.String(required = True)
public = graphene.Boolean(required=False)
location = graphene.String(required=False)
reported = graphene.Boolean(required=False)
reported_by = graphene.List(graphene.ID)
profile_picture = Upload(required=False)
background_picture = Upload(required=False)
您的 GraphQL/Graphene schema 将需要包含这两个字段,因为架构不能根据用户有条件地更改,但您可以有条件地选择 根据用户应访问的内容填充响应中的那些字段。
例如:
import graphene
class GroupNode(graphene.ObjectType):
# Assume MemberNode is defined elsewhere
members = graphene.List(MemberNode)
members_count = graphene.Int()
def resolve_members(parent, info):
if info.context.user.username == 'allowed_user':
return Members.objects.all() # whatever logic you need
# Return nothing if the user is not allowed
return None
def resolve_members_count(parent, info):
if info.context.user.username == 'allowed_user':
# We don't need to return this, since the user can access `members` directly
return None
return Members.objects.count()
请注意,这两个字段都必须可以为空(即您不能传递 required=True),以便您可以选择在 resolve_ 方法中省略它们。 (或者,如果更方便的话,您可以选择使用 required=True 和 return [] 而不是 return None 使 members 非空。)
还有一些其他类型的 authorization examples Graphene-Django docs,以防这些有帮助。