From 87417bffc5a21149c479f1cc81d4ba8a9e877f9c Mon Sep 17 00:00:00 2001 From: Santiago Arce Date: Wed, 3 Sep 2025 19:03:02 -0300 Subject: [PATCH 1/4] add after_assign_attributes methods for grapqhl resources --- lib/hq/graphql/resource/auto_mutation.rb | 1 + 1 file changed, 1 insertion(+) diff --git a/lib/hq/graphql/resource/auto_mutation.rb b/lib/hq/graphql/resource/auto_mutation.rb index 7a7c8e4..61ca9b2 100644 --- a/lib/hq/graphql/resource/auto_mutation.rb +++ b/lib/hq/graphql/resource/auto_mutation.rb @@ -43,6 +43,7 @@ def build_update if resource resource.assign_attributes(args[:attributes].format_nested_attributes) + scoped_self.after_assign_attributes(resource, args[:attributes], context) if scoped_self&.respond_to?(:after_assign_attributes) if resource.save { resource: resource, From cda3a3bb76adf641b27c8258924ebc4794001d02 Mon Sep 17 00:00:00 2001 From: Santiago Arce Date: Wed, 10 Sep 2025 14:20:13 -0300 Subject: [PATCH 2/4] ability added using authorized? method --- lib/hq/graphql/resource/auto_mutation.rb | 16 +++++++++++++--- lib/hq/graphql/version.rb | 2 +- 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/lib/hq/graphql/resource/auto_mutation.rb b/lib/hq/graphql/resource/auto_mutation.rb index 61ca9b2..f1cd05e 100644 --- a/lib/hq/graphql/resource/auto_mutation.rb +++ b/lib/hq/graphql/resource/auto_mutation.rb @@ -131,13 +131,23 @@ def build_destroy def build_mutation(action:, require_primary_key: false, nil_klass: false, &block) gql_name = "#{graphql_name}#{action.to_s.titleize}" scoped_model_name = model_name + scoped_self = self klass = Class.new(::GraphQL::Schema::Mutation) do graphql_name gql_name - define_method(:ready?) do |**args| - super(**args) && ::HQ::GraphQL.authorized?(action, scoped_model_name, context) - end + define_method(:ready?) do |**args| + super_result = defined?(super) ? super(**args) : true + + authorized_result = + if scoped_self.respond_to?(:authorized?) + scoped_self.authorized?(action, context, args) + else + true + end + + super_result && authorized_result + end lazy_load do field :errors, ::GraphQL::Types::JSON, null: false diff --git a/lib/hq/graphql/version.rb b/lib/hq/graphql/version.rb index df82d51..df50950 100644 --- a/lib/hq/graphql/version.rb +++ b/lib/hq/graphql/version.rb @@ -2,6 +2,6 @@ module HQ module GraphQL - VERSION = "2.3.6" + VERSION = "2.3.7" end end From 3e28bbd4c6a8a7efd95159380a0d2d6030d3a27d Mon Sep 17 00:00:00 2001 From: Santiago Arce Date: Thu, 11 Sep 2025 10:35:31 -0300 Subject: [PATCH 3/4] move ability to framework initializer --- lib/hq/graphql.rb | 4 ++-- lib/hq/graphql/ext/object_extensions.rb | 4 ++-- lib/hq/graphql/resource/auto_mutation.rb | 15 +++------------ 3 files changed, 7 insertions(+), 16 deletions(-) diff --git a/lib/hq/graphql.rb b/lib/hq/graphql.rb index 0f2a506..a61b5a6 100644 --- a/lib/hq/graphql.rb +++ b/lib/hq/graphql.rb @@ -20,8 +20,8 @@ def self.configure(&block) config.instance_eval(&block) end - def self.authorized?(action, object, context) - !config.authorize || config.authorize.call(action, object, context) + def self.authorized?(action, object, context, args) + !config.authorize || config.authorize.call(action, object, context, args) end def self.authorize_field(action, field, object, context) diff --git a/lib/hq/graphql/ext/object_extensions.rb b/lib/hq/graphql/ext/object_extensions.rb index c53c428..c66d3d3 100644 --- a/lib/hq/graphql/ext/object_extensions.rb +++ b/lib/hq/graphql/ext/object_extensions.rb @@ -25,8 +25,8 @@ def authorize_action(action) self.authorized_action = action end - def authorized?(object, context) - super && ::HQ::GraphQL.authorized?(authorized_action, object, context) + def authorized?(object, context, args = nil) + super(object, context) && ::HQ::GraphQL.authorized?(authorized_action, object, context, args) end def with_model(model_name, attributes: true, associations: true, auto_nil: true, enums: true) diff --git a/lib/hq/graphql/resource/auto_mutation.rb b/lib/hq/graphql/resource/auto_mutation.rb index f1cd05e..9dcd425 100644 --- a/lib/hq/graphql/resource/auto_mutation.rb +++ b/lib/hq/graphql/resource/auto_mutation.rb @@ -136,18 +136,9 @@ def build_mutation(action:, require_primary_key: false, nil_klass: false, &block klass = Class.new(::GraphQL::Schema::Mutation) do graphql_name gql_name - define_method(:ready?) do |**args| - super_result = defined?(super) ? super(**args) : true - - authorized_result = - if scoped_self.respond_to?(:authorized?) - scoped_self.authorized?(action, context, args) - else - true - end - - super_result && authorized_result - end + define_method(:ready?) do |**args| + super(**args) && ::HQ::GraphQL.authorized?(action, scoped_model_name, context, args) + end lazy_load do field :errors, ::GraphQL::Types::JSON, null: false From 65d497f9dfe36576b63fbe3d7058ffacf34c404d Mon Sep 17 00:00:00 2001 From: Santiago Arce Date: Wed, 24 Sep 2025 15:44:41 -0300 Subject: [PATCH 4/4] feedback changes --- lib/hq/graphql.rb | 4 ++-- lib/hq/graphql/ext/object_extensions.rb | 4 ++-- lib/hq/graphql/resource/auto_mutation.rb | 3 +-- 3 files changed, 5 insertions(+), 6 deletions(-) diff --git a/lib/hq/graphql.rb b/lib/hq/graphql.rb index a61b5a6..4e359a8 100644 --- a/lib/hq/graphql.rb +++ b/lib/hq/graphql.rb @@ -20,8 +20,8 @@ def self.configure(&block) config.instance_eval(&block) end - def self.authorized?(action, object, context, args) - !config.authorize || config.authorize.call(action, object, context, args) + def self.authorized?(action, object, context, **args) + !config.authorize || config.authorize.call(action, object, context, **args) end def self.authorize_field(action, field, object, context) diff --git a/lib/hq/graphql/ext/object_extensions.rb b/lib/hq/graphql/ext/object_extensions.rb index c66d3d3..263674b 100644 --- a/lib/hq/graphql/ext/object_extensions.rb +++ b/lib/hq/graphql/ext/object_extensions.rb @@ -25,8 +25,8 @@ def authorize_action(action) self.authorized_action = action end - def authorized?(object, context, args = nil) - super(object, context) && ::HQ::GraphQL.authorized?(authorized_action, object, context, args) + def authorized?(object, context, **args) + super && ::HQ::GraphQL.authorized?(authorized_action, object, context, **args) end def with_model(model_name, attributes: true, associations: true, auto_nil: true, enums: true) diff --git a/lib/hq/graphql/resource/auto_mutation.rb b/lib/hq/graphql/resource/auto_mutation.rb index 9dcd425..7984ce3 100644 --- a/lib/hq/graphql/resource/auto_mutation.rb +++ b/lib/hq/graphql/resource/auto_mutation.rb @@ -131,13 +131,12 @@ def build_destroy def build_mutation(action:, require_primary_key: false, nil_klass: false, &block) gql_name = "#{graphql_name}#{action.to_s.titleize}" scoped_model_name = model_name - scoped_self = self klass = Class.new(::GraphQL::Schema::Mutation) do graphql_name gql_name define_method(:ready?) do |**args| - super(**args) && ::HQ::GraphQL.authorized?(action, scoped_model_name, context, args) + super(**args) && ::HQ::GraphQL.authorized?(action, scoped_model_name, context, **args) end lazy_load do