What does 'root' mean? #1948

MincePie · 2022-02-22T21:56:20Z

MincePie
Feb 22, 2022

Hi Jack,

What does 'root' mean where it is used in the context of checking the user.id?

import { AuthenticationError } from "apollo-server-express"
import { createMethodDecorator } from "type-graphql"

import { Role } from "@generated"

import { ResolverContext } from "../../shared/resolverContext"

export function UseIsCurrentUser(): any {
  return createMethodDecorator<ResolverContext>(async ({ context: { req }, root }, next) => {
    if (!req.currentUser) throw new AuthenticationError("Not authenticated")
    if (req.currentUser.role === Role.ADMIN) return next()
    if (req.currentUser.id !== root.id) throw new AuthenticationError("Not authorized")
    return next()
  })
}

Is it a reference to the model calling the middleware?

Thank you

Answered by JClackett

Feb 22, 2022

Yeah so in this particular example we are applying a "method decorator" called UseIsCurrentUser to a field on the user model/type. The purpose is that once we've retrieved the user from the database, we check if the current user (i.e the logged in user "making" the request), is authorised to "see" the email of the user that is being requested. This is stop random users getting information of other users that we don't want! When applying a method decorator to a field or field resolver, the root refers to the type "above" the current field in the graphql tree/schema

so for example, imagine we are querying a user, our graphql query will look something like:

user(id: String!) { # <--- this is…

View full answer

JClackett · 2022-02-22T22:53:37Z

JClackett
Feb 22, 2022
Maintainer

Yeah so in this particular example we are applying a "method decorator" called UseIsCurrentUser to a field on the user model/type. The purpose is that once we've retrieved the user from the database, we check if the current user (i.e the logged in user "making" the request), is authorised to "see" the email of the user that is being requested. This is stop random users getting information of other users that we don't want! When applying a method decorator to a field or field resolver, the root refers to the type "above" the current field in the graphql tree/schema

so for example, imagine we are querying a user, our graphql query will look something like:

user(id: String!) { # <--- this is the root
 id
 email # <--- this is the field we are applying the decorator to
 firstName
}

So you can see that when we "ask" for the email field, type-graphql will pass the user retrieved from the database (i.e the result of the "user" resolver, found in user.resolver.ts), to the UseIsCurrentUser decorator as "root".

This applies to all nested types in the tree. Type-graphql just works its way down your query running all the fields, field resolvers, decorators etc before returning to the frontend.

post {
   id
   title # <--- the root for this field is the post, Post type

   author {
      id
      email # <--- the root for this field is the author, User type
   }
}

I'd recommend reading this particular page from the type-graphql docs.

https://typegraphql.com/docs/custom-decorators.html#method-decorators

and if you haven't already, read the entire docs, as its basically the entire framework of the backend!

1 reply

MincePie Feb 22, 2022
Author

thank you. im reading those docs now.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

What does 'root' mean? #1948

{{title}}

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

What does 'root' mean? #1948

MincePie Feb 22, 2022

Replies: 1 comment · 1 reply

JClackett Feb 22, 2022 Maintainer

MincePie Feb 22, 2022 Author

MincePie
Feb 22, 2022

Replies: 1 comment 1 reply

JClackett
Feb 22, 2022
Maintainer

MincePie Feb 22, 2022
Author