{"id":13879264,"url":"https://github.com/anjlab/graphql_authorize","last_synced_at":"2025-12-29T15:04:41.026Z","repository":{"id":51045652,"uuid":"144606221","full_name":"anjlab/graphql_authorize","owner":"anjlab","description":"Authorization helpers for ruby-graphql fields","archived":false,"fork":false,"pushed_at":"2024-05-20T11:53:40.000Z","size":38,"stargazers_count":23,"open_issues_count":1,"forks_count":1,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-09-04T11:59:22.304Z","etag":null,"topics":["authorization","cancancan","gem","graphql","permissions","pundit","rails","ruby"],"latest_commit_sha":null,"homepage":"","language":"Ruby","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/anjlab.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-13T16:32:54.000Z","updated_at":"2024-12-30T15:44:23.000Z","dependencies_parsed_at":"2024-11-24T08:31:23.584Z","dependency_job_id":"207d64de-c9e9-4ca6-8716-dd73b6518e3e","html_url":"https://github.com/anjlab/graphql_authorize","commit_stats":{"total_commits":26,"total_committers":4,"mean_commits":6.5,"dds":"0.34615384615384615","last_synced_commit":"63a656be3b7cd23c0350af229ff6ae423f2e26ad"},"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/anjlab/graphql_authorize","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anjlab%2Fgraphql_authorize","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anjlab%2Fgraphql_authorize/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anjlab%2Fgraphql_authorize/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anjlab%2Fgraphql_authorize/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/anjlab","download_url":"https://codeload.github.com/anjlab/graphql_authorize/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/anjlab%2Fgraphql_authorize/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278320124,"owners_count":25967644,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-04T02:00:05.491Z","response_time":63,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["authorization","cancancan","gem","graphql","permissions","pundit","rails","ruby"],"created_at":"2024-08-06T08:02:15.656Z","updated_at":"2025-10-08T17:11:57.852Z","avatar_url":"https://github.com/anjlab.png","language":"Ruby","readme":"[![Build Status](https://travis-ci.org/anjlab/graphql_authorize.svg?branch=master)](https://travis-ci.org/anjlab/graphql_authorize)\n[![Gem Version](https://badge.fury.io/rb/ar_lazy_preload.svg)](https://rubygems.org/gems/graphql_authorize)\n[![Maintainability](https://api.codeclimate.com/v1/badges/ee8428a2161aa56ad2af/maintainability)](https://codeclimate.com/github/anjlab/graphql_authorize/maintainability)\n\n# GraphqlAuthorize\n\n\nThis gem allows you to authorize an access to you graphql-fields (defined by [graphql-ruby](https://github.com/rmosolgo/graphql-ruby)).\n\n## Installation\n\nAdd this line to your application's Gemfile:\n\n```ruby\ngem 'graphql_authorize'\n```\n\nAnd then execute:\n\n    $ bundle\n\nOr install it yourself as:\n\n    $ gem install graphql_authorize\n\n## Usage\n\nYou can define a proc and pass it to `authorize` inside the field block:\n\n```ruby\nfield :posts, types[PostType] do\n  authorize lambda { |_obj, _args, context|\n    current_user = context[:current_user]\n    current_user \u0026\u0026 current_user.admin\n  }\n\n  resolve -\u003e(_obj, _args, _context) { ... }\nend\n```\n\nIt also works for a new class-based syntax:\n\n```ruby\nfield :posts, PostType, null: false do\n  authorize lambda { |_obj, _args, context|\n    current_user = context[:current_user]\n    current_user \u0026\u0026 current_user.admin\n  }\nend\n```\n\nDon't forget to pass `current_user` to the context when you execute the query, e.g.:\n\n```ruby\nSchema.execute(query, context: { current_user: current_user })\n```\n\n### CanCanCan\n\nIf you are using CanCanCan, you can just pass an array with two values - permission to check and a model class:\n\n```ruby\nfield :posts, types[PostType] do\n  authorize [:read, Post]\n  resolve -\u003e(_obj, _args, _context) { ... }\nend\n```\n\nIn order to let GraphqlAuthorize know that it should use CanCanCan, please configure it somewhere in your app:\n\n```ruby\nGraphqlAuthorize.config.auth_adapter = GraphqlAuthorize::AuthAdapters::CanCanCan\n```\n\nBy default it will try to call `can?` on the module called `Ability` (you have it if you follow the [guide](https://github.com/CanCanCommunity/cancancan/wiki/Defining-Abilities)). However, when you've done it in a different way, you must also configure `auth_adapter_source` - a proc, which will get a current context and will need to return something, which can respond to `can?`:\n\n```ruby\nGraphqlAuthorize.configure do |config|\n  config.auth_adapter = GraphqlAuthorize::AuthAdapters::CanCanCan\n  config.auth_adapter_source = -\u003e(context) { context[:current_user] }\nend\n```\n\n### Pundit\n\nPundit integration is very similar with CanCanCan - you should pass an array with two values in a following way:\n\n```ruby\nfield :posts, types[PostType] do\n  authorize [:read, Post]\n  resolve -\u003e(_obj, _args, _context) { ... }\nend\n```\n\nDon't forget to configure GraphqlAuthorize to use the proper adapter:\n\n```ruby\nGraphqlAuthorize.config.auth_adapter = GraphqlAuthorize::AuthAdapters::Pundit\n```\n\n## Contributing\n\nBug reports and pull requests are welcome on GitHub at https://github.com/anjlab/graphql_authorize.\n\n## License\n\nThe gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).\n","funding_links":[],"categories":["Ruby"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanjlab%2Fgraphql_authorize","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fanjlab%2Fgraphql_authorize","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fanjlab%2Fgraphql_authorize/lists"}