Graphql Permission

This package provides a simple way to define and guard GraphQL operations (Query / Mutation)

---

Getting Started

1. Installation

npm install @egiev/gqlperm

2. Import the Module

import { GraphqlPermissionModule } from '@egiev/gqlperm';

@Module({
  imports: [
    GraphqlPermissionModule.forRootAsync({
      useFactory: (configService: ConfigService) => ({
        domain: configService.get('PROJECT_NAME') || 'user',
      }),
      inject: [ConfigService],
    }),
  ],
})
export class AppModule {}

3. Decorate Public Routes

Use the built-in @Public() decorator to allow open access to specific resolvers:

import { Public } from '@egiev/gqlperm';

@Resolver()
export class AuthResolver {
  @Query(() => String)
  @Public()
  test() {
    return 'OK';
  }
}

How it works?

• The module injects AuthGuard and PermissionGuard as global guards.

• The AuthGuard checks for valid request identity.

• The PermissionGuard builds a permission string using:

  <domain>.<operation>.<method>

  • domain – From your config (e.g., "user")
  • operation – GraphQL operation type (query / mutation)
  • method – Name of the resolver method (e.g., getProfile)

License

This project is licensed under the MIT