"and" relations not conditional

Question

"and" relations not conditional

ianwensink opened this issue 4 years ago · comments

Bug report

Describe the bug

When using the and helper from the library, it seems as if a failing rule is not preventing the others from being executed. The example on this shows the use of the user object from the context, of which the existence (null) is checked in the first isAuthenticated rule. If this rule resolves to false, the isAdmin rule is still executed, resulting in an exception since user is null, so user.role is invalid.

Expected behavior

I would either expect rules to work like logical AND's (a failing condition will stop the other conditions from being checked), or that the example wouldn't suggest that I can assume user is an object whenever the first rule passes.

open-collective-bot · Answer 1 · Fri Jun 12 2020 19:24:19 GMT+0800 (China Standard Time)

Hey @ianwensink 👋,

Thank you for opening an issue. We will get back to you as soon as we can. Also, check out our Open Collective and consider contributing financially.

https://opencollective.com/graphql-shield

PS.: We offer priority support for all financial contributors. Don't forget to add priority label once you start contributing 😄

Ian Wensink · Answer 2 · Fri Jun 12 2020 20:35:46 GMT+0800 (China Standard Time)

Edit: I will investigate whether the problem actually lies within graphql-shield, or in nexus-plugin-shield.

Matic Zavadlal · Answer 3 · Sun Jun 14 2020 17:54:07 GMT+0800 (China Standard Time)

Have you tried using chain rule?

Ian Wensink · Answer 4 · Mon Jun 15 2020 19:10:34 GMT+0800 (China Standard Time)

Hi @maticzav. Thanks for your reply. I think this resolves my issues! Gotta say the naming is a bit confusing, since I assumed and() already chained it.

Thanks!