framework/examples/full-example/graphcool.yml at master · Jobcool/framework · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
types: ./types.graphql

functions:

  # Authentication functions from: `https://github.com/graphcool/templates/tree/master/auth/email-password`
  signup:
    type: resolver
    schema: src/email-password/signup.graphql
    handler:
      code: src/email-password/signup.ts

  authenticate:
    type: resolver
    schema: src/email-password/authenticate.graphql
    handler:
      code: src/email-password/authenticate.ts

  loggedInUser:
    type: resolver
    schema: src/email-password/loggedInUser.graphql
    handler:
      code: src/email-password/loggedInUser.ts

  # Payment function using the implementation in `./src/checkout/pay.ts`
  pay:
    handler:
      code:
        src: ./src/checkout/pay.ts
        # Define environment variable accessible by the function in `./src/checkout/pay.ts`
        environment:
          STRIPE_KEY: ${env:STRIPE_TEST_KEY}
    type: resolver
    schema: ./src/checkout/pay.graphql

  # Adding items using the implementation in `./src/checkout/pay.ts`
  setOrderItem:
    handler:
      code:
        src: ./src/checkout/setOrderItem.ts
    type: resolver
    schema: ./src/checkout/setOrderItem.graphql

permissions:
  # development permissions

  # - operation: "*"

  # production permissions

  # everyone can read products
  - operation: Product.read

  # owner can read orders, items, user
  - operation: Order.read
    authenticated: true
    query: src/permissions/models/Order.graphql:isOwner
  - operation: Item.read
    authenticated: true
    query: src/permissions/models/Item.graphql:isOwner
  - operation: Order.read
    authenticated: true
    query: src/permissions/models/Order.graphql:isOwner
  - operation: User.read
    authenticated: true
    query: src/permissions/models/User.graphql:isOwner
    fields: [id, email, name]

# authenticated user can create + edit orders
  - operation: Order.create
    authenticated: true
    fields: [description]
    query: src/permissions/models/Order.graphql:isOwnerCreate
  - operation: Order.update
    authenticated: true
    fields: [description]
    query: src/permissions/models/Order.graphql:isOwner

# owner can delete orders, items
  - operation: Order.delete
    authenticated: true
    query: src/permissions/models/Order.graphql:isOwner
  - operation: Item.delete
    authenticated: true
    query: src/permissions/models/Item.graphql:isOwner

# owner can make orders for themselves
  - operation: Orders.connect
    authenticated: true
    query: src/permissions/relations/Orders.graphql:isOwner

rootTokens:
  - seed-script