From ee2aa081b819dc5e5be0f07a55e7131937d6cf71 Mon Sep 17 00:00:00 2001 From: Jonas Wilms Date: Mon, 6 Nov 2023 01:20:54 +0100 Subject: [PATCH] feat: Field Protection for Screener entity Given that we now actively release edges to the Screener entity, maybe a good idea to protect it's fields --- graphql/authorizations.ts | 41 ++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/graphql/authorizations.ts b/graphql/authorizations.ts index bebcedffb..13511a968 100644 --- a/graphql/authorizations.ts +++ b/graphql/authorizations.ts @@ -1,4 +1,15 @@ -import { ModelsEnhanceMap, Pupil, ResolversEnhanceMap, Student, Subcourse, Course, Lecture, Course_tag as CourseTag, Concrete_notification } from './generated'; +import { + ModelsEnhanceMap, + Pupil, + ResolversEnhanceMap, + Student, + Subcourse, + Course, + Lecture, + Course_tag as CourseTag, + Concrete_notification, + Screener, +} from './generated'; import { Authorized, createMethodDecorator } from 'type-graphql'; import { UNAUTHENTICATED_USER } from './authentication'; @@ -488,6 +499,34 @@ export const authorizationModelEnhanceMap: ModelsEnhanceMap = { cooperationID: nobody, }), }, + + Screener: { + fields: withPublicFields({ + verification: nobody, + password: nobody, + verified: nobody, + verifiedAt: nobody, + instructor_screening: nobody, + isRedacted: nobody, + oldNumberID: nobody, + project_coaching_screening: nobody, + screenings: nobody, + updatedAt: nobody, + _count: nobody, + + lastLogin: onlyOwner, + lastTimeCheckedNotifications: onlyOwner, + notificationPreferences: onlyOwner, + + is_trusted: onlyAdminOrScreener, + active: onlyAdminOrScreener, + createdAt: onlyAdminOrScreener, + firstname: onlyAdminOrScreener, + lastname: onlyAdminOrScreener, + email: onlyAdminOrScreener, + }), + }, + Subcourse: { fields: withPublicFields< Subcourse,