Open
Description
Good afternoon. I'm using keystone in a work project and I've come across the following need: I want to prevent a part of users from filtering a particular field. For example, I want to prohibit a query of the form:
{
_allUsersMeta(where: { phone_in: ["xxx", "yyy", "zzz"] })
}
The most logical way, in my opinion, is to modify the access function like this:
{
fields: {}
access: {
read: async ({ authentication: { item: user } } }) {
if (!user) return false
if (user.isAdmin) return true
// Else parse args here
}
}
}
The problem is that now ListCRUDProvider Keystone does not pass query arguments to access functions, unlike CustomProvider:
My question is why are the arguments not passed to the access function? Is this a conscious decision or an oversight? And if there is no contradiction, can I help with the implementation?
Metadata
Metadata
Assignees
Labels
No labels