How to use the graphql-mapping-template.comment function in graphql-mapping-template

To help you get started, we’ve selected a few graphql-mapping-template examples, based on popular ways it is used in public projects.

github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
variableToCheck: string = 'ctx.args.input',
    variableToSet: string = ResourceConstants.SNIPPETS.IsOwnerAuthorizedVariable,
    formatComment?: (rule: AuthRule) => string
  ) {
    let ownershipAuthorizationExpressions = [];
    let ruleNumber = 0;
    for (const rule of rules) {
      const ownerAttribute = rule.ownerField || DEFAULT_OWNER_FIELD;
      const rawUsername = rule.identityField || rule.identityClaim || DEFAULT_IDENTITY_FIELD;
      const isUser = isUsername(rawUsername);
      const identityAttribute = replaceIfUsername(rawUsername);
      const ownerFieldIsList = fieldIsList(ownerAttribute);
      const allowedOwnersVariable = `allowedOwners${ruleNumber}`;
      ownershipAuthorizationExpressions = ownershipAuthorizationExpressions.concat(
        formatComment
          ? comment(formatComment(rule))
          : comment(`Authorization rule: { allow: ${rule.allow}, ownerField: "${ownerAttribute}", identityClaim: "${identityAttribute}" }`),
        set(ref(allowedOwnersVariable), raw(`$util.defaultIfNull($${variableToCheck}.${ownerAttribute}, null)`)),
        isUser
          ? // tslint:disable-next-line
            set(
              ref('identityValue'),
              raw(
                `$util.defaultIfNull($ctx.identity.claims.get("${rawUsername}"), $util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}"))`
              )
            )
          : set(ref('identityValue'), raw(`$util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}")`)),
        // If a list of owners check for at least one.
        iff(
          raw(`$util.isList($${allowedOwnersVariable})`),
          forEach(ref('allowedOwner'), ref(allowedOwnersVariable), [
            iff(raw(`$allowedOwner == $identityValue`), set(ref(variableToSet), raw('true'))),
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
variableToCheck: string = 'ctx.args',
    variableToSet: string = ResourceConstants.SNIPPETS.IsOwnerAuthorizedVariable,
    formatComment?: (rule: AuthRule) => string
  ) {
    let ownershipAuthorizationExpressions = [];
    let ruleNumber = 0;
    for (const rule of rules) {
      const ownerAttribute = rule.ownerField || DEFAULT_OWNER_FIELD;
      const rawUsername = rule.identityField || rule.identityClaim || DEFAULT_IDENTITY_FIELD;
      const isUser = isUsername(rawUsername);
      const identityAttribute = replaceIfUsername(rawUsername);
      const allowedOwnersVariable = `allowedOwners${ruleNumber}`;
      ownershipAuthorizationExpressions = ownershipAuthorizationExpressions.concat(
        formatComment
          ? comment(formatComment(rule))
          : comment(`Authorization rule: { allow: ${rule.allow}, ownerField: "${ownerAttribute}", identityClaim: "${identityAttribute}" }`),
        set(ref(allowedOwnersVariable), raw(`$util.defaultIfNull($${variableToCheck}.${ownerAttribute}, null)`)),
        isUser
          ? // tslint:disable-next-line
            set(
              ref('identityValue'),
              raw(`$util.defaultIfNull($ctx.identity.claims.get("${rawUsername}"),
                        $util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}"))`)
            )
          : set(ref('identityValue'), raw(`$util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}")`)),
        // If a list of owners check for at least one.
        iff(
          raw(`$util.isList($${allowedOwnersVariable})`),
          forEach(ref('allowedOwner'), ref(allowedOwnersVariable), [
            iff(raw(`$allowedOwner == $identityValue`), set(ref(variableToSet), raw('true'))),
          ])
        ),
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
variableToCheck: string = 'ctx.args.input',
        variableToSet: string = ResourceConstants.SNIPPETS.IsOwnerAuthorizedVariable,
        formatComment?: (rule: AuthRule) => string,
    ) {
        let ownershipAuthorizationExpressions = []
        let ruleNumber = 0;
        for (const rule of rules) {
            const ownerAttribute = rule.ownerField || DEFAULT_OWNER_FIELD
            const rawUsername = rule.identityField || DEFAULT_IDENTITY_FIELD
            const isUsern = isUsername(rawUsername)
            const identityAttribute = replaceIfUsername(rawUsername)
            const ownerFieldIsList = fieldIsList(ownerAttribute)
            const allowedOwnersVariable = `allowedOwners${ruleNumber}`
            ownershipAuthorizationExpressions = ownershipAuthorizationExpressions.concat(
                formatComment ?
                    comment(formatComment(rule)) :
                    comment(`Authorization rule: { allow: ${rule.allow}, ownerField: "${ownerAttribute}", identityField: "${identityAttribute}" }`),
                set(ref(allowedOwnersVariable), raw(`$util.defaultIfNull($${variableToCheck}.${ownerAttribute}, null)`)),
                isUsern ?
                    // tslint:disable-next-line
                    set(ref('identityValue'), raw(`$util.defaultIfNull($ctx.identity.claims.get("${rawUsername}"), $util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}"))`)) :
                    set(ref('identityValue'), raw(`$util.defaultIfNull($ctx.identity.claims.get("${identityAttribute}"), "${NONE_VALUE}")`)),
                // If a list of owners check for at least one.
                iff(
                    raw(`$util.isList($${allowedOwnersVariable})`),
                    forEach(ref('allowedOwner'), ref(allowedOwnersVariable), [
                        iff(
                            raw(`$allowedOwner == $identityValue`),
                            set(ref(variableToSet), raw('true'))),
                    ])
                ),
                // If a single owner check for at least one.
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
public dynamicGroupAuthorizationExpressionForReadOperations(
    rules: AuthRule[],
    variableToCheck: string = 'ctx.result',
    variableToSet: string = ResourceConstants.SNIPPETS.IsDynamicGroupAuthorizedVariable,
    defaultValue: Expression = raw(`$util.defaultIfNull($${variableToSet}, false)`)
  ): Expression {
    if (!rules || rules.length === 0) {
      return comment(`No Dynamic Group Authorization Rules`);
    }
    let groupAuthorizationExpressions = [];
    for (const rule of rules) {
      const groupsAttribute = rule.groupsField || DEFAULT_GROUPS_FIELD;
      const groupClaimAttribute = rule.groupClaim || DEFAULT_GROUP_CLAIM;
      groupAuthorizationExpressions = groupAuthorizationExpressions.concat(
        comment(`Authorization rule: { allow: ${rule.allow}, groupsField: "${groupsAttribute}", groupClaim: "${groupClaimAttribute}" }`),
        set(ref('allowedGroups'), ref(`util.defaultIfNull($${variableToCheck}.${groupsAttribute}, [])`)),
        this.setUserGroups(rule.groupClaim),
        forEach(ref('userGroup'), ref('userGroups'), [
          iff(raw('$util.isList($allowedGroups)'), iff(raw(`$allowedGroups.contains($userGroup)`), set(ref(variableToSet), raw('true')))),
          iff(raw(`$util.isString($allowedGroups)`), iff(raw(`$allowedGroups == $userGroup`), set(ref(variableToSet), raw('true')))),
        ])
      );
    }
    // check for group claim here
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
public staticGroupAuthorizationExpression(rules: AuthRule[]): Expression {
        if (!rules || rules.length === 0) {
            return comment(`No Static Group Authorization Rules`)
        }
        const allowedGroups: string[] = []
        for (const rule of rules) {
            const groups = rule.groups;
            for (const group of groups) {
                if (group) {
                    allowedGroups.push(group);
                }
            }
        }
        // TODO: Enhance cognito:groups to work with non cognito based auth.
        return block('Static Group Authorization Checks', [
            comment(`Authorization rule: { allow: groups, groups: "${JSON.stringify(allowedGroups)}" }`),
            this.setUserGroups(),
            set(ref('allowedGroups'), list(allowedGroups.map(s => str(s)))),
            // tslint:disable-next-line
github aws-amplify / amplify-cli / packages / graphql-http-transformer / src / resources.ts View on Github external
private makeNonNullChecks(nonNullArgs: string[]) {
    return compoundExpression([
      comment('START: Manually checking that all non-null arguments are provided either in the query or the body'),
      iff(
        or(nonNullArgs.map((arg: string) => parens(and([raw(`!$ctx.args.body.${arg}`), raw(`!$ctx.args.query.${arg}`)])))),
        ref('util.error("An argument you marked as Non-Null is not present ' + 'in the query nor the body of your request."))')
      ),
      comment('END: Manually checking that all non-null arguments are provided either in the query or the body'),
    ]);
  }
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
private dynamicAuthorizationExpressionForCreate(
        rules: AuthRule[],
        variableToCheck: string = 'ctx.args.input',
        variableToSet: string = ResourceConstants.SNIPPETS.IsDynamicGroupAuthorizedVariable,
        formatComment?: (rule: AuthRule) => string,
    ) {
        let groupAuthorizationExpressions = []
        for (const rule of rules) {
            const groupsAttribute = rule.groupsField || DEFAULT_GROUPS_FIELD
            groupAuthorizationExpressions = groupAuthorizationExpressions.concat(
                formatComment ?
                    comment(formatComment(rule)) :
                    comment(`Authorization rule: { allow: ${rule.allow}, groupsField: "${groupsAttribute}" }`),
                set(
                    ref(variableToSet),
                    raw(`$util.defaultIfNull($${variableToSet}, false)`)
                ),
                forEach(ref('userGroup'), ref('userGroups'), [
                    iff(
                        raw(`$util.isList($ctx.args.input.${groupsAttribute})`),
                        iff(
                            ref(`${variableToCheck}.${groupsAttribute}.contains($userGroup)`),
                            set(ref(variableToSet), raw('true'))
                        ),
                    ),
                    iff(
                        raw(`$util.isString($ctx.args.input.${groupsAttribute})`),
                        iff(
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
public dynamicGroupAuthorizationExpressionForCreateOperationsByField(
        rules: AuthRule[],
        fieldToCheck: string,
        variableToCheck: string = 'ctx.args.input',
        variableToSet: string = ResourceConstants.SNIPPETS.IsDynamicGroupAuthorizedVariable,
    ): Expression {
        if (!rules || rules.length === 0) {
            return comment(`No dynamic group authorization rules for field "${fieldToCheck}"`);
        }
        let groupAuthorizationExpression: Expression = this.dynamicAuthorizationExpressionForCreate(
            rules, variableToCheck, variableToSet,
            rule => `Authorization rule on field "${fieldToCheck}": { allow: ${rule.allow}, \
groupsField: "${rule.groupsField || DEFAULT_GROUPS_FIELD}" }`
        )
        return block(`Dynamic group authorization rules for field "${fieldToCheck}"`, [
            groupAuthorizationExpression
        ])
    }
github aws-amplify / amplify-cli / packages / graphql-auth-transformer / src / resources.ts View on Github external
public dynamicGroupAuthorizationExpressionForCreateOperations(
        rules: AuthRule[],
        variableToCheck: string = 'ctx.args.input',
        variableToSet: string = ResourceConstants.SNIPPETS.IsDynamicGroupAuthorizedVariable,
    ): Expression {
        if (!rules || rules.length === 0) {
            return comment(`No Dynamic Group Authorization Rules`)
        }
        return block('Dynamic Group Authorization Checks', [
            this.dynamicAuthorizationExpressionForCreate(rules, variableToCheck, variableToSet)
        ])
    }