From 712d99caa4296ed34ecfce58c77dbe51d038b90e Mon Sep 17 00:00:00 2001 From: Jason Kraus Date: Fri, 29 Jan 2021 16:38:49 -0800 Subject: [PATCH] (doc, auth): also show that one can raise an exception in a resolve method --- docs/authorization.rst | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/authorization.rst b/docs/authorization.rst index 62f582a..39305f6 100644 --- a/docs/authorization.rst +++ b/docs/authorization.rst @@ -50,7 +50,7 @@ conversely you can use ``exclude`` meta attribute. Another pattern is to have a resolve method act as a gatekeeper, returning None -if the client isn't allowed to see the data. +or raising an exception if the client isn't allowed to see the data. .. code:: python @@ -65,7 +65,10 @@ if the client isn't allowed to see the data. interfaces = (relay.Node, ) def resolve_owner(self, info): - if info.context.user.is_anonymous(): + user = info.context.user + if user.is_anonymous: + raise PermissionDenied("Please login") + if not user.is_staff: return None return self.owner