document auth pattern: return None with resolve method

2025-07-11 00:32:24 +03:00 · 2021-01-23 21:32:01 -08:00 · 2021-01-23 21:32:01 -08:00 · 93ec8eb099
commit 93ec8eb099
parent 5dea6ffa41
1 changed files with 22 additions and 0 deletions
--- a/docs/authorization.rst
+++ b/docs/authorization.rst
@ -48,6 +48,28 @@ conversely you can use ``exclude`` meta attribute.
            exclude = ('published', 'owner')
            interfaces = (relay.Node, )

+
+Another pattern is to have a resolve method act as a gatekeeper, returning None
+if the client isn't allowed to see the data.
+
+.. code:: python
+
+    from graphene import relay
+    from graphene_django.types import DjangoObjectType
+    from .models import Post
+
+    class PostNode(DjangoObjectType):
+        class Meta:
+            model = Post
+            fields = ('title', 'content', 'owner')
+            interfaces = (relay.Node, )
+
+        def resolve_owner(self, info):
+            if info.context.user.is_anonymous():
+                return None
+            return self.owner
+
+
 Queryset Filtering On Lists
 ---------------------------