Standardize GQL queries to return empty results when anon

CarsonF · CarsonF · commit dbcf2a3af49a · 2025-05-14T15:10:13.000-05:00
diff --git a/src/components/notifications/notification.resolver.ts b/src/components/notifications/notification.resolver.ts
@@ -1,5 +1,5 @@
 import { Args, Mutation, Query, Resolver } from '@nestjs/graphql';
-import { ListArg, LoggedInSession, type Session } from '~/common';
+import { AnonSession, ListArg, LoggedInSession, type Session } from '~/common';
 import {
   MarkNotificationReadArgs,
   Notification,
@@ -14,9 +14,13 @@ export class NotificationResolver {
 
   @Query(() => NotificationList)
   async notifications(
-    @LoggedInSession() session: Session,
+    @AnonSession() session: Session,
     @ListArg(NotificationListInput) input: NotificationListInput,
   ): Promise<NotificationList> {
+    // TODO move to DB layer?
+    if (session.anonymous) {
+      return { items: [], total: 0, totalUnread: 0, hasMore: false };
+    }
     return await this.service.list(input, session);
   }
 
diff --git a/src/components/pin/pin.resolver.ts b/src/components/pin/pin.resolver.ts
@@ -1,5 +1,6 @@
 import { Args, Mutation, Query, Resolver } from '@nestjs/graphql';
 import {
+  AnonSession,
   type ID,
   IdArg,
   ListArg,
@@ -19,12 +20,16 @@ export class PinResolver {
       'Returns whether or not the requesting user has pinned the resource ID',
   })
   async isPinned(
-    @LoggedInSession() session: Session,
+    @AnonSession() session: Session,
     @IdArg({
       description: 'A resource ID',
     })
     id: ID,
   ): Promise<boolean> {
+    // TODO move to DB layer?
+    if (session.anonymous) {
+      return false;
+    }
     return await this.pins.isPinned(id, session);
   }
 
diff --git a/src/components/project/financial-approver/financial-approver.resolver.ts b/src/components/project/financial-approver/financial-approver.resolver.ts
@@ -6,7 +6,7 @@ import {
   ResolveField,
   Resolver,
 } from '@nestjs/graphql';
-import { LoggedInSession, type Session } from '~/common';
+import { AnonSession, LoggedInSession, type Session } from '~/common';
 import { Loader, type LoaderOf } from '~/core';
 import { Privileges } from '../../authorization';
 import { UserLoader } from '../../user';
@@ -30,8 +30,12 @@ export class FinancialApproverResolver {
       nullable: true,
     })
     types: readonly ProjectType[] | undefined,
-    @LoggedInSession() _: Session, // require login
+    @AnonSession() session: Session,
   ): Promise<readonly FinancialApprover[]> {
+    // TODO move to auth policy
+    if (session.anonymous) {
+      return [];
+    }
     return await this.repo.read(types);
   }
 
diff --git a/src/components/user/user.resolver.ts b/src/components/user/user.resolver.ts
@@ -136,9 +136,13 @@ export class UserResolver {
     nullable: true,
   })
   async userByEmail(
-    @LoggedInSession() session: Session,
+    @AnonSession() session: Session,
     @Args() { email }: CheckEmailArgs,
   ): Promise<User | null> {
+    // TODO move to auth policy?
+    if (session.anonymous) {
+      return null;
+    }
     return await this.userService.getUserByEmailAddress(email, session);
   }
 
