From d9ab8acf26f29033ff050f90cbcd194c2821f31c Mon Sep 17 00:00:00 2001
From: Jason Kraus <zbyte64@gmail.com>
Date: Tue, 2 Feb 2021 09:58:21 -0800
Subject: [PATCH] document auth pattern: return None with resolve method
 (#1106)

* document auth pattern: return None with resolve method

* (doc, auth): also show that one can raise an exception in a resolve method
---
 docs/authorization.rst | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)

diff --git a/docs/authorization.rst b/docs/authorization.rst
index 387ad29..39305f6 100644
--- a/docs/authorization.rst
+++ b/docs/authorization.rst
@@ -48,6 +48,31 @@ conversely you can use ``exclude`` meta attribute.
             exclude = ('published', 'owner')
             interfaces = (relay.Node, )
 
+
+Another pattern is to have a resolve method act as a gatekeeper, returning None
+or raising an exception if the client isn't allowed to see the data.
+
+.. code:: python
+
+    from graphene import relay
+    from graphene_django.types import DjangoObjectType
+    from .models import Post
+
+    class PostNode(DjangoObjectType):
+        class Meta:
+            model = Post
+            fields = ('title', 'content', 'owner')
+            interfaces = (relay.Node, )
+
+        def resolve_owner(self, info):
+            user = info.context.user
+            if user.is_anonymous:
+                raise PermissionDenied("Please login")
+            if not user.is_staff:
+                return None
+            return self.owner
+
+
 Queryset Filtering On Lists
 ---------------------------